Open connection manager virtualization at system-on-chip

ABSTRACT

Resource and memory use by applications used by user equipment (UE) can be adaptively controlled. A UE comprises a connection-manager kernel (CMKC) that can be embedded at the SOC level to facilitate resource and memory control at SOC level. CMKC operates in conjunction with an operating system kernel. CMKC comprises functional blocks that provide network enabler functions and observability APIs for network enhancement, traffic flow monitoring and filtering, QOE executive routines, and traffic flow time shifting. CMKC performs or provides analytics, security and firewall tags, cache management at SOC level, and policy enforcement. CMKC and a trusted memory operate in a trusted zone environment to facilitate secure operation. CMKC adaptively collects information from control registers and analytics, and maps such information to the trusted memory, which can be accessible to trusted APIs to facilitate enabling trusted applications to have knowledge of contextual network information.

TECHNICAL FIELD

This disclosure relates generally to network communications and, morespecifically, to an open connection management virtualization atsystem-on-chip.

BACKGROUND

A wireless communication system can be utilized to provide wirelessaccess to various communication services (e.g., voice, video, data,messaging, content broadcast, etc.) for users of the system. Wirelesscommunication systems can operate according to a variety of networkspecifications and/or standards, such as, for example, universal mobiletelecommunications system (UMTS), third generation partnership project(3GPP) long term evolution (LTE), high speed packet access (HSPA). Thesespecifications and/or standards use different modulation techniques,such as code division multiple access (CDMA), time division multipleaccess (TDMA), frequency division multiple access (FDMA), multi-carrierCDMA (MC-CDMA), single-carrier CDMA (SC-CDMA), orthogonal frequencydivision multiple access (OFDMA), single-carrier frequency divisionmultiple access (SC-FDMA), and so on.

Communication devices (e.g., wireless communication devices), such asmobile phones, electronic tablets, electronic gaming devices, andcomputers, are increasingly using applications to perform variousfunctions and to communicate information between these communicationdevices and other communication devices (e.g., other mobile phones,electronic tablets, electronic gaming devices, computers, servers,etc.). An application can reside on a user's communication device, in acloud, and/or on a server farm, for example.

The above-described description is merely intended to provide acontextual overview of wireless communication networks, and is notintended to be exhaustive.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 illustrates a block diagram of an example system that canfacilitate adaptively controlling a trusted memory and resources (e.g.,functional blocks) used in connection with applications employed bycommunication devices in a communication network, in accordance withvarious aspects and embodiments described herein.

FIG. 2 a block diagram of another example system that can facilitateadaptively controlling a trusted memory and resources used in connectionwith applications employed by communication devices in a communicationnetwork, in accordance with various aspects and embodiments describedherein.

FIG. 3 illustrates a diagram of still another example system that canfacilitate adaptively controlling access to and use of a trusted memoryand resources (e.g., functional blocks) used for applications employedby communication devices in a communication network, in accordance withvarious aspects and embodiments described herein.

FIG. 4 depicts a block diagram of an example connection-manager kernelcomponent in accordance with various aspects and embodiments of thedisclosed subject matter.

FIG. 5 presents a block diagram of an example kernel component inaccordance with various aspects and embodiments of the disclosed subjectmatter.

FIG. 6 illustrates a block diagram of an example communication networkin accordance with various aspects and embodiments of the disclosedsubject matter.

FIG. 7 depicts a block diagram of an example user equipment (UE) inaccordance with an aspect of the disclosed subject matter.

FIG. 8 illustrates a block diagram of an example access point inaccordance with an aspect of the disclosed subject matter.

FIG. 9 illustrates a flow diagram of an example method that canfacilitate controlling access to information and resources associatedwith a communication device in a communication network, in accordancewith various aspects and embodiments described herein.

FIG. 10 presents a flow chart of an example method that can facilitatecontrolling functional blocks used by applications that are used by acommunication device in a communication network, in accordance withvarious aspects and embodiments described herein.

FIG. 11 depicts a flow diagram of an example method that can facilitateenabling an application or user to select desired functional blocks ofthe set of functional blocks of a communication device to facilitateperforming operations in connection with the application, in accordancewith various aspects and embodiments described herein.

FIG. 12 illustrates a flow chart of an example method that canfacilitate authenticating an application associated with a communicationdevice to facilitate controlling access to information and resources ina trusted zone environment of the communication device, in accordancewith various aspects and embodiments described herein.

FIG. 13 presents a flow chart of an example method that can facilitatecaching information in a trusted zone environment of a communicationdevice, in accordance with various aspects and embodiments describedherein.

FIG. 14 is a schematic block diagram illustrating a suitable operatingenvironment.

FIG. 15 is a schematic block diagram of a sample-computing environment.

DETAILED DESCRIPTION

Various aspects of the disclosed subject matter are now described withreference to the drawings, wherein like reference numerals are used torefer to like elements throughout. In the following description, forpurposes of explanation, numerous specific details are set forth inorder to provide a thorough understanding of one or more aspects. It maybe evident, however, that such aspect(s) may be practiced without thesespecific details. In other instances, well-known structures and devicesare shown in block diagram form in order to facilitate describing one ormore aspects.

Communication devices (e.g., wireless communication devices), such asmobile phones, electronic tablets, electronic gaming devices, andcomputers, can be used to communicate voice and data information toother communication devices and/or to perform other desired functions(e.g., perform calculations, take photographs, play video or musiccontent, play games, etc.). Communication devices also are increasinglyusing applications to perform various functions and to communicateinformation between these communication devices and other communicationdevices.

With respect to communication devices, there exists a number ofdifferent communication device manufacturers, different types ofoperating systems, and different types of communication platforms. Withregard to operating an application in a communication network, thesedifferent communication device manufacturers, different types ofoperating systems, and different types of communication platforms canimpact the communication network in different ways, which can therebyresult in an undesirable fragmentation issue in the communicationnetwork. Such fragmentation can cause an inefficient use of resources bythe communication network, an inefficient use of resources bycommunication devices, and a lower quality of experience forcommunication device users.

Techniques for controlling (e.g., adaptively controlling) access to atrusted memory and resources (e.g., functional blocks and other modemfunctions) that can be employed by applications used by user equipment(UE) are presented herein. A UE (e.g., communication device) cancomprise a connection-manager (CM) kernel component (e.g., an opensource CM kernel component) that can be embedded at the system-on-chip(SOC) level to facilitate resource control at the SOC level. The CMkernel component can facilitate providing connection manageracceleration at the hardware level (e.g., SOC level) embedded into thechip sets. Various modem interfaces can be provided to the CM kernelcomponent, for example, running northbound as a micro kernel.

The CM kernel component can operate in conjunction with an operatingsystem (OS) kernel component, wherein the CM kernel component canfacilitate controlling all or a portion of embedded resources (e.g.,embedded functional blocks and/or other modem functions) and the OSkernel component can facilitate controlling a certain portion of theresources (e.g., a portion of the functional blocks or modem functions).The CM kernel component can comprise or be associated with (e.g.,communicatively connected to) functional blocks (e.g., embeddedfunctional blocks) that can provide access control tools (e.g.,intelligent access control tools), network enabler functions andobservability APIs for network enhancement (e.g., network optimization),traffic flow monitoring and filtering, quality of experience (QOE)executive routines, and traffic flow time shifting. The CM kernelcomponent also can perform or provide analytics (e.g., using analyticsengines), cross-layer observability, security and firewall tags (e.g.,security and firewall functionality embedded at the chip, SOC fabric, orinterconnects), cache management at SOC level, and policy enforcement(e.g., in accordance with defined communication enhancement criteria).

The CM kernel component and a trusted memory component can operate in atrusted execution environment to facilitate secure performance ofoperations within the trusted execution environment. The CM kernelcomponent can adaptively collect information from control registers andanalytics associated with the communication network, and can map suchinformation to, and/or store such information in, the trusted memorycomponent. The memory map associated with the trusted memory componentcan be well defined and standardized with regard to format, scalability,and security. The disclosed subject matter can facilitate enablingcomponents, applications, and other features to be developed around theCM kernel component and trusted memory component.

The CM kernel component can control access to the trusted memorycomponent, wherein the CM kernel component can enable the trusted memorycomponent to be accessible to trusted APIs and trusted applications(e.g., trusted and/or certified applications) to facilitate enablingtrusted applications associated with the UE to have knowledge ofcontextual network-related information. For instance, the CM kernelcomponent can facilitate providing an environment, wherein trustedapplications can use (e.g., directly use) the hardware services (e.g.,services associated with the embedded functional blocks) without havingto use the OS kernel component (e.g., rich OS kernel). The disclosedsubject matter can facilitate enabling applications to be network awareand to operate more efficiently and in accordance with definedcommunication enhancement criteria (e.g., based on communication-networkoptimization or enhancement practices).

Referring now to the drawings, FIG. 1 illustrates a block diagram of anexample system 100 that can facilitate adaptively controlling a trustedmemory and resources (e.g., functional blocks) used in connection withapplications employed by communication devices (e.g., UEs) in acommunication network, in accordance with various aspects andembodiments described herein. The system 100 can comprise a UE 102(e.g., mobile and/or wireless communication device, such as a mobilephone (e.g., 3GPP universal mobile telecommunications system (UMTS)phone), electronic notebook, electronic pad or tablet, electronic gamingdevice, personal digital assistant (PDA), computer, set-top box, etc.)that can operate and communicate in a communication network environment.In an aspect, the UE 102 can be communicatively connected via a wirelesscommunication connection(s) via an access point (AP) 104 to acommunication network(s) 106.

In an aspect, as the UE 102 is moved through a wireless communicationnetwork environment, at various times, the UE 102 can be connected(e.g., wirelessly connected) to one of a plurality of APs (e.g., macroor cellular AP, femto AP, pico AP, wi-fi AP, wi-max AP, hotspot (e.g.,hotspot 1.x, hotspot 2.x, where x is an integer number; UE 102functioning as a mobile hotspot; etc.), etc.), such as an AP 104, thatcan operate in the wireless communication network environment. An AP(e.g., 104) can serve a specified coverage area to facilitatecommunication by the UE 102 or other UEs in the wireless communicationnetwork environment. The AP 104 can serve a respective coverage cell(e.g., macrocell, femtocell, picocell, etc.) that can cover a respectivespecified area, and the AP 104 can service mobile wireless devices, suchas UE 102, located in the respective area covered by the respectivecell, where such coverage can be achieved via a wireless link (e.g.,uplink (UL), downlink (DL)). When an attachment attempt is successful,the UE 102 can be served by the AP 104 and incoming voice and datatraffic can be paged and routed to the UE 102 through the AP 104, andoutgoing voice and data traffic from the UE 102 can be paged and routedthrough the AP 104 to other communication devices (e.g., another UE) inthe communication network environment. In an aspect, the UE 102 can beconnected and can communicate wirelessly using virtually any desiredwireless technology, including, for example, cellular, wi-fi, wi-max,wireless local area networks (WLAN), etc.

At desired times, the UE 102 can utilize one or more applications, suchas, for example, application₁ 108, application₂ 110, and/or (up through)application_(k) 112, wherein k can be virtually any desired number. Inaccordance with various implementations, all or a portion of theapplications (e.g., 108, 110, 112, etc.) can reside in the UE 102 and/orall or a portion of the applications (e.g., 108, 110, 112, etc.) canreside in another communication device(s) associated with thecommunication network 106. In some implementations, the communicationnetwork 106 can facilitate wireless connection with the UE 102 connectedto the AP 104 and facilitate communication by or between a UE 102 andanother UE(s) (not shown) or other type of communication device(s)(e.g., computer, server or server farm that can include an applicationserver or content server that can be provide video content, audiocontent, and/or other content comprising other types of information,etc.) (not shown), wherein the communication device(s) can be associatedwith (e.g., communicatively connected to) the communication network 106in the communication network environment.

In accordance with various implementations, all or a portion of theapplications (e.g., 108, 110, 112, etc.) can reside in the UE 102 and/orall or a portion of the applications (e.g., 108, 110, 112, etc.) canreside in a remote communication device(s) associated with thecommunication network 106. An application (e.g., 108, 110, or 112) beingused by the UE 102 can have functions that can be executed by the UE 102and/or by the remote communication device associated with theapplication. An application (e.g., 108, 110, 112, etc.) can be, forexample, a messaging application, a gaming application, a utilityapplication, a financial application, a news application, a socialnetworking application, a video application, an image captureapplication (e.g., a video capture or photograph capture application), amusic application, an online shopping application, a location-detectionapplication, a geographical-map-generation application, a cryptographicapplication (e.g., for encryption or decryption), a digital rightsmanagement (DRM) application, a mobile-to-mobile (M2M) type ofapplication, a VoIP type of application, or a near real time (NRT) typeof application, among other types of applications. In someimplementations, the UE 102 can be connected (e.g., directly) with oneor more applications (e.g., 108, 110, or 112) using, for example, one ormore various types of wireless communication technology, such as nearfield communication (NFC) technology, bluetooth technology, zigbeetechnology, etc. In certain implementations, the UE 102 can function asa mobile hotspot (e.g., AP) to which one or more applications can bewirelessly connected to facilitate communication of traffic (e.g., voiceor data traffic) between an application(s) and the communication network106 via the UE 102. It is to be further appreciated and understood thatone or more communication devices (e.g., remote communication device)can be located within a cloud, wherein, for example, the cloud caninclude a server farm comprising one or more servers (e.g., applicationservers) that can be utilized to perform respective applicationfunctions (e.g., VoIP, video streaming, messaging, multimedia,electronic gaming, news-related functions, social media functions,finance-related functions, etc.) based at least in part on the type ofapplication.

The communication network 106 can include one or more wirelinecommunication networks and one or more wireless communication networks,wherein the one or more wireless communication networks can be based onone or more various types of communication technology or protocols, suchas, for example, 3G, 4G, or x generation (xG) network, where x can bevirtually any desired integer or real value; wi-fi; etc. Thecommunication network 106 (e.g., a core network, or a network comprisinga core network and/or an IP-based network) can facilitate routing voiceand data communications between a communication device(s) (e.g., UE 102)and other communication devices (e.g., remote communication device)associated with the communication network 106 in the communicationnetwork environment. The communication network 106 also can allocateresources to the UE 102 or other UEs in the communication network 106,convert or enforce protocols, establish and enforce quality of service(QOS) for the UEs (e.g., UE 102), provide applications or services inthe communication network 106, translate signals, and/or perform otherdesired functions to facilitate system interoperability andcommunication in the communication network 106 (e.g., wireless portionof the communication network 106 or wireline portion of thecommunication network 106). The communication network 106 further caninclude desired components, such as routers, nodes, switches,interfaces, controllers, etc., that can facilitate communication of databetween communication devices in the communication network environment.

The UE 102 can comprise a CM kernel component 114 that can facilitateestablishing connections between the UE 102 (and applications used bythe UE 102) and the communication network 106 and/or anothercommunication device associated with the communication network 106,controlling data stored in a trusted memory component 116 that can beassociated with (e.g., communicatively connected to) the CM kernelcomponent 114, controlling operation of a cache memory componentassociated with the CM kernel component 114, controlling operation ofthe applications (e.g., 108, 110, 112, etc.), controlling operation offunctional blocks (e.g., functional blocks comprising basebandfunctions), and/or performing other operations that can facilitatedesired operation of the UE 102, as more fully disclosed herein.

The CM kernel component 114 also can facilitate performing kernelfunctions in connection with the UE 102. For instance, the CM kernelcomponent 114 can comprise a dedicated kernel that can facilitateperforming certain operations comprising, for example, managing certaininput/output data requests (e.g., from software and/or an application),translating certain requests into instructions (e.g., data processinginstructions) for execution by a processor component or other component(e.g., a functional block(s)) of the UE 102, etc.

In some implementations, the CM kernel component 114 can facilitateperforming resource manager-related functions for the UE 102. Forinstance, the CM kernel component 114 can facilitate managing certainresources (e.g., functional blocks comprising baseband functions, modemblocks comprising modem functions, etc.) contained on the UE 102 and/orperforming other desired operations in connection with such resources ofthe UE 102.

The UE 102 also can comprise an operating-system (OS) kernel component118 (e.g., rich OS kernel) that can be employed to facilitate performingoperations by the UE 102, including, for example, managing input/outputdata requests (e.g., from software and/or an application), translatingrequests into instructions (e.g., data processing instructions) forexecution by a processor component or other component of the UE 102,etc. The OS kernel component 118 can be associated with (e.g.,communicatively connected to) the CM kernel component 114 (e.g., via abus).

The UE 102 also can comprise a functional block component 120 that cancomprise a set of functional blocks (e.g., functional blocksub-components comprising respective baseband functions), comprisingfunctional block₁ 122, functional block₂ 124, and/or (up through)functional block 126, wherein j can be virtually any desired number. Therespective functional blocks (e.g., 122, 124, 126, etc.) can performrespective functions (e.g., baseband functions), such as, for example,data compression or decompression, data encryption or decryption,location detection, network-awareness functions (e.g., network-conditionsensing (e.g., network-congestion sensing), power level sensing, and/orother functions, such as disclosed herein), etc. The set of functionalblocks (e.g., 122, 124, 126, etc.) can be located on or embedded in theSOC (e.g., can be at the SOC level on the SOC chip set), wherein thefunctional blocks can be or can comprise firmware or hardware, forexample. The CM kernel component 114 can be embedded in the SOC (e.g.,can be at the SOC level on the SOC chip set) and/or can have access toat least some of the control layers at the SOC, and can facilitatecontrolling operation of the functional blocks (e.g., 122, 124, 126,etc.) in the set of functional blocks.

In some implementations, the UE 102 can comprise an interface component128 that can facilitate interacting with applications (e.g., 108, 110,112, etc.) or users associated with the UE 102. The interface component128 (e.g., API component) can comprise one or more interfaces, such asone or more APIs, that can facilitate communicating, presenting, orexposing data, which can be stored in or processed by components of thetrusted zone environment of the UE 102, to one or more of theapplications that are determined to be trusted and/or certified by theCM kernel component 114. The data can comprise, for example, data storedin the trusted memory component 116, data stored in the cache component,or data processed by the functional blocks or modem functions, whereinthe trusted memory component 116, cache component, functional blocks,and/or modem functions also can be part of the trusted zone environmentand/or can be embedded at the SOC level (e.g., on the SOC chip set).

The CM kernel component 114 facilitate controlling (e.g., adaptivelycontrolling) access to information (e.g., stored in the trusted memorycomponent or cache component) in the trusted zone environment associatedwith UE 102. The CM kernel component 114 also can operate to facilitateadaptively controlling certain resources (e.g., secure, embedded, and/orproprietary functional blocks or modem functions) of the UE 102, forexample, in connection with using applications (e.g., 108, 110, 112,etc.) associated with the UE 102. The CM kernel component 114 also canfacilitate adaptively controlling operation of the applications (e.g.,108, 110, 112, etc.) and the UE 102, and enhancing use of networkresources of the communication network 106 in connection with use ofapplications by the UE 102 (e.g., by enabling dynamiccommunication-network optimization or enhancement practices), inaccordance with defined communication enhancement criteria.

The CM kernel component 114 can be associated with (e.g.,communicatively connected to) the set of functional blocks (e.g., 122,124, 126, etc.) and the APIs of the interface component 128, wherein theCM kernel component 114, functional blocks, and/or the APIs can provideaccess control tools (e.g., intelligent access control tools), networkenabler functions and observability APIs for network enhancement (e.g.,network optimization), traffic flow monitoring and filtering, QOEexecutive routines, and traffic flow time shifting. The CM kernelcomponent 114 also can perform or provide analytics (e.g., via employinganalytics engines), cross-layer observability, security and firewalltags (e.g., security and firewall functionality embedded at the chip,SOC fabric, or interconnects), cache management at the SOC level (e.g.,via the cache manager component and the cache component), and policyenforcement (e.g., in accordance with defined communication enhancementcriteria).

Various other aspects and implementations of the CM kernel component 114and other components of the UE 102 will be described herein. The CMkernel component 114 can control access to information stored in thetrusted memory component 116 and access to the functional blocks (e.g.,122, 124, 126, etc.) of the UE 102 by an application (e.g., 108, 110, or112) associated with the UE 102, in accordance with definedcommunication enhancement criteria. The defined communicationenhancement criteria can comprise, for example, a criterion(s) (e.g., adefined trust criterion(s)) relating to a defined trust level associatedwith access to the trusted memory component 116 and the functionalblocks (e.g., 122, 124, 126, etc.).

The CM kernel component 114 can facilitate receiving, collecting, orobtaining information relating to the communication network 106, trafficflows, and/or functional blocks (e.g., 122, 124, 126, etc.) of orassociated with the UE 102. The CM kernel component 114 can map suchinformation to, and/or store such information in, the trusted memorycomponent 116. In some implementations, the CM kernel component 114 canreceive, collect, or obtain information from control registers andanalytics associated with the set of functional blocks (e.g., 122, 124,126, etc.) of the UE 102. The CM kernel component 114 also can generateanalytics information relating to the communication network 106, trafficflows, or the functional blocks (e.g., 122, 124, 126, etc.) based atleast in part on information (e.g., a subset of the received, collected,or obtained information) relating to the communication network 106,traffic flows, and functional blocks (e.g., 122, 124, 126, etc.) of theUE 102. The CM kernel component 114 can store and/or map the information(e.g., received information, analytics information, etc.) relating tothe communication network 106, traffic flows, and/or functional blocks(e.g., 122, 124, 126, etc.) of the UE 102 in or to the trusted memorycomponent 116 of the UE 102.

The CM kernel component 114 can control access to the information storedin the trusted memory and access to the functional blocks (e.g., 122,124, 126, etc.) by the application (e.g., 108) based at least in part onthe defined communication enhancement criteria (e.g., comprising thedefined trust criterion(s)) relating to the defined trust level. Forinstance, if the CM kernel component 114 determines that an applicationsatisfies the defined trust criterion(s), the CM kernel component 114can determine that the application is a trusted application that hasestablished a defined trust level with the trusted zone environment,including the CM kernel component 114, trusted memory component 116, andthe set of functional blocks (e.g., 122, 124, 126, etc.). A trustedapplication can be, for example, an application (e.g., 108) that wasobtained (e.g., downloaded) from a trusted application store or source,and/or an application that has been certified as a trusted applicationby the CM kernel component 114 or another authorized certifying entity(e.g., associated with the trusted application store or source), and/oran application that has been authenticated by the CM kernel component114 and/or has satisfied any other applicable criterion(s) specified bythe defined trust criteria.

In response to determining that the application (e.g., 108) is a trustedapplication, the CM kernel component 114 can grant access rights to thetrusted application to allow the trusted application to access theinformation stored in the trusted memory component 116 and access to useone or more of the functional blocks of the set of functional blocks(e.g., 122, 124, 126, etc.) of the UE 102. If the CM kernel component114 determines that the application is not a trusted application, the CMkernel component 114 can deny access to the trusted memory component 116and/or to all or some of the functional blocks of the set of functionalblocks (e.g., 122, 124, 126, etc.) of the UE 102.

The CM kernel component 114 also can facilitate adaptively controllingthe use and operation of functional blocks of the set of functionalblocks (e.g., 122, 124, 126, etc.) in connection with applications(e.g., 108, 110, or 112) that are used by the UE 102. In someimplementations, the CM kernel component 114 can monitor or track, andcan receive or collect, information relating to the activity, behavior,and/or traffic flows (e.g., voice or data traffic flows) associated withthe UE 102 and network-related conditions (e.g., network events, networkstate information, network-related triggers, network-related controls,etc.) associated with the communication network 106. The CM kernelcomponent 114 can receive or obtain a portion of the informationrelating to the communication network 106 and/or traffic flow from oneor more sensors or APIs (e.g., API sub-components) associated with theUE 102. The CM kernel component 114 also receive or obtain anotherportion of the information relating to the communication network 106and/or traffic flow from the communication network 106.

The CM kernel component 114 can analyze the information relating to theactivity, behavior, and/or traffic flows (e.g., voice or data trafficflows) associated with the UE 102 and network-related conditions togenerate analysis results. As part of the analysis, the CM kernelcomponent 114 can access and apply policy information (e.g.,communication enhancement policy information), for example, obtainedfrom a policy database (e.g., stored in a data store) of the UE 102. Thepolicy information can be based at least in part on the definedcommunication enhancement criteria (e.g., which can be in accordancewith desired optimization practices).

The CM kernel component 114 can determine a desired enhanced operationcondition to employ in connection with a particular application (e.g.,108), based at least in part on the analysis results and policy data(e.g., from the policy database), in accordance with the definedcommunication enhancement criteria. For instance, the CM kernelcomponent 114 can determine respective operational (e.g., switching)states or operational modes to employ for one or more of the respectivefunctional blocks of the set of functional blocks (e.g., 122, 124, 126,etc.) that can utilized in connection with the particular application(e.g., 108), based at least in part on the analysis results, inaccordance with the defined communication enhancement criteria. Forexample, the CM kernel component 114 can determine which, if any,functional blocks of the set of functional blocks (e.g., 122, 124, 126,etc.) can be accessed and used by the application (e.g., 108) based atleast in part on whether the application is determined to be a trustedapplication that is permitted to access one or more of the functionalblocks in the set, in accordance with the defined communicationenhancement criteria (e.g., comprising the defined trust criterion(s)).In some implementations, there can be one or more functional blocks inthe set that can be an open or non-secure (e.g., less secure or open)functional block(s) that is permitted to be used by trusted ornon-trusted applications.

If the CM kernel component 114 determines that the application (e.g.,108) is a trusted application permitted to access at least a portion ofthe functional blocks or if it determines that a functional block(s) ofthe set is an open or non-secure (e.g., less secure or open) functionalblock(s) that is permitted to be used by trusted or non-trustedapplications, the CM kernel component 114 can determine other aspects ofthe enhanced operation condition relating to such functional block(s)that is to be used in connection with the application (e.g., 108). Forinstance, the CM kernel component 114 can determine the respectiveoperational (e.g., switch) states or modes of the respective functionalblocks of the set of functional blocks, in accordance with the definedcommunication enhancement criteria. The CM kernel component 114 candetermine, for example, which functional block(s) of the set to employ(e.g., determine which functional block(s) can be desirable (e.g., mostfavorable, best available, optimal, etc.) to employ), and, for afunctional block(s) being employed, the desired (e.g., most favorable,best available, optimal, etc.) operational state or mode of thatfunctional block(s). In accordance with the defined communicationenhancement criteria, the functional block(s) employed also can be basedat least in part on one or more preferences of the application (e.g.,108) or the UE user.

Based at least in part on such determinations, the CM kernel component114 can control (e.g., adaptively control) and/or set the respectiveoperational states or modes of the respective functional blocks of theset of functional blocks (e.g., 122, 124, 126, etc.), in accordance withthe defined communication enhancement criteria. In some implementations,to facilitate controlling or setting of the respective operationalstates or modes of the respective functional blocks, the CM kernelcomponent 114 can generate control instructions that can facilitatedesirably switching or changing the operational states or modes of therespective functional blocks (e.g., 122, 124, 126, etc.) to facilitateenhancing (e.g., optimizing, acceptably improving or augmenting, etc.)operation of the UE 102 and/or the communication network 106. The CMkernel component 114 can communicate the control instructions to the setof functional blocks (e.g., 122, 124, 126, etc.), or a portion thereof,(e.g., via the kernel component or network resource manager component ofthe CM kernel component 114) to facilitate controlling the respectiveoperational states or modes of the respective functional blocks of theset of functional blocks (e.g., 122, 124, 126, etc.).

In certain implementations, the CM kernel component 114 also can provideupdate information to the communication network 106 (e.g., the basestation 104, or another component of the communication network 106 viathe base station 104) to facilitate notifying the communication network106 that the UE 102 is operating in accordance with the enhancedoperation condition, in accordance with the defined communicationenhancement criteria. The communication network 106 can use thisinformation to facilitate implementing a desired network operationalmodification, if any, based at least in part on the enhanced operationcondition employed by the UE 102, including the respective functionalblocks of the set of functional blocks (e.g., 122, 124, 126, etc.), tofacilitate desired operation of the communication network 106, inaccordance with the defined communication enhancement criteria (e.g., inaccordance with desired optimization practices).

The disclosed subject matter also can facilitate enabling an applicationor user to select desired functional blocks of the set of functionalblocks (e.g., 122, 124, 126, etc.) of the UE 102 to facilitateperforming operations in connection with the application (e.g., 108). Inresponse to determining that the application is a trusted application,and/or the user is a trusted user, the CM kernel component 114 and/orthe trusted memory component 116 can facilitate providing (e.g.,presenting, exposing, communicating, etc.) information relating to thecommunication network 106, the traffic flow associated with the UE 102,and/or the functional blocks to the application (e.g., 108) and/or theuser.

The information can comprise information received or collected by the CMkernel component 114, analytics information and/or analysis resultsgenerated by the CM kernel component 114 or the communication network106 (e.g., by a network management component of the communicationnetwork 106), policy data, and/or other information. The CM kernelcomponent 114 and/or the trusted memory component 116 can provide theinformation relating to the set of functional blocks (e.g., 122, 124,126, etc.) to the application (e.g., 108) to facilitate notifying theapplication (e.g., 108) and/or user of the availability of all or aportion of the set of functional blocks of the UE 102. The informationrelating to the respective functional blocks also can relate to therespective functions (e.g., baseband functions) that can be performed bythe respective functional blocks, as more fully disclosed herein.

The information also can comprise a recommendation(s) regarding anenhanced operation condition(s) as determined by the CM kernel component114, in accordance with the defined communication enhanced criteria. Therecommendation(s) regarding the enhanced operation condition(s) can, forexample, indicate which functional block(s) and/or which operationalstate or mode of the functional block(s) can be desirable (e.g., mostfavorable, best available, optimal, etc.). Such information relating tothe communication network 106, the traffic flow, and/or the functionalblocks can be provided to the UE 102 and/or user via one or moreinterfaces of the interface component 128.

The application (e.g., 108) or associated user (e.g., using the UE 102)can analyze the information relating to the communication network 106and traffic flow, and/or the information relating to the set offunctional blocks (e.g., available functional blocks). The application(e.g., 108) or user can select one or more desired (e.g., favored, bestavailable, optimal, etc.) functional blocks based at least in part onanalysis results obtained from analyzing such information, apreference(s) of the application (e.g., 108) or user, and the definedcommunication enhancement criteria. The application (e.g., 108) oranother component of the UE 102 can communicate selection information,which can relate to and indicate the one or more desired functionalblocks that were selected by the application or user, to the CM kernelcomponent 114.

The CM kernel component 114 can receive the selection information fromthe application (e.g., 108) or user (e.g., via an interface). The CMkernel component 114 can initialize (e.g., switch on and/or set anoperational mode) the one or more desired (e.g., favored, bestavailable, optimal, etc.) functional blocks (e.g., 122) of the set offunctional blocks (e.g., 122, 124, 126, etc.) based at least in part on(e.g., in response to) the selection information, in accordance with thedefined communication enhancement criteria. Such selection of thedesired one or more functional blocks and setting of the operationalstate(s) and/or mode(s) of the desired one or more functional blocks canconstitute an enhanced operation condition associated with the UE 102.

The CM kernel component 114 can facilitate establishing a communicationconnection between the application (e.g., 108) (and associated UE 102)and the communication network 106 to facilitate initiating acommunication session associated with the application (e.g., 108),wherein the application can use the one or more desired functionalblocks (e.g., 122) of the set of functional blocks (e.g., 122, 124, 126,etc.) during the communication session. The communication connection canbe, for example, a 3G, 4G, or wi-fi communication connection.

In some implementations, the CM kernel component 114 can provide (e.g.,communicate, present) update information to the communication network106 (e.g., the base station 104, or another component of thecommunication network 106 via the base station 104) to facilitatenotifying the communication network 106 that the UE 102 is operating inaccordance with the enhanced operation condition, in accordance with thedefined communication enhancement criteria. The communication network106 can use this information to facilitate implementing a desirednetwork operational modification, if any, based at least in part on theenhanced operation condition employed by the UE 102, including therespective functional blocks of the set of functional blocks (e.g., 122,124, 126, etc.), to facilitate desired operation of the communicationnetwork 106, in accordance with the defined communication enhancementcriteria (e.g., in accordance with desired optimization practices).

The disclosed subject matter also can facilitate authenticating anapplication associated with the UE 102 to facilitate controlling accessto information and resources in the trusted zone environment of the UE102. One or more of the applications (e.g., 108, 110, 112, etc.)associated with the UE 102 can be obtained (e.g., via download) from anapplication store or other source, can be installed on the UE 102,and/or can be accessible (e.g., through an application service or servervia the communication network 106, or via another source). The CM kernelcomponent 114 can determine whether the respective applications (e.g.,108, 110, 112, etc.) associated with the UE 102 are authenticated and/orcertified to facilitate controlling access to resources (e.g.,functional blocks and modem functions), access to the trusted memorycomponent 116 and the data stored therein, access to the cachecomponent, and/or access to other portions of the trusted zoneenvironment.

The CM kernel component 114 can receive authentication information orcertification information relating to a particular application (e.g.,108) from the application or another entity (e.g., application store orsource of the application, a certifying entity that certifiesapplications, etc.). In some implementations, an application (e.g., 108)can be certified through an authorized application store or otherauthorized entity that is authorized to certify applications as beingtrusted with respect to the trusted zone environment, including the CMkernel component 114 and the trusted memory component 116, in accordancewith the defined communication enhancement criteria (e.g., comprisingthe defined trust criteria). In other implementations, an applicationalso can be self-certifying (e.g., automatically self-certifying), forexample, by being able to provide information (e.g., authenticationinformation, certification standards information, etc.), to the CMkernel component 114, that can indicate (e.g., prove) that theapplication satisfies the requirements for being certified as a trustedor certified application, in accordance with the defined communicationenhancement criteria.

The CM kernel component 114 can analyze the authentication informationor the certification information submitted by the application or otherentity to facilitate determining whether the application isauthenticated and/or certified to be a trusted or certified application.For instance, the CM kernel component 114 can analyze the authenticationinformation to facilitate determining whether the authenticationinformation is valid, for example, by matching correspondingauthentication information stored in a data store associated with the CMkernel component 114, and/or whether the authentication information issufficient to determine that the application is a trusted application,in accordance with the defined communication enhancement criteria. TheCM kernel component 114 also can analyze the certification informationto facilitate determining whether the certification information issufficient to satisfy the defined trust criteria for determining theapplication to be a trusted application. For example, the CM kernelcomponent 114 can analyze the certification information to facilitatedetermining whether the certification information is valid informationand satisfies the set of certification standards relating tocertification of an application as a trusted application.

The CM kernel component 114 can determine whether the application isauthenticated or certified as a trusted application based at least inpart on the analysis results. If the CM kernel component 114 determinesthat the application is a trusted application, the CM kernel component114 can grant, to the application, access to all or a portion of theinformation stored in the trusted memory component 116 and/or access toall or a portion of the set of functional blocks (e.g., 122, 124, 126,etc.).

If the CM kernel component 114 determines that the application is not atrusted application, the CM kernel component 114 can deny theapplication access to all or a portion of the information stored in thetrusted memory component 116 and/or deny access to all or a portion ofthe set of functional blocks (e.g., 122, 124, 126, etc.). For example,in connection with a non-trusted application, the CM kernel component114 can deny access to the trusted memory component 116 (and the datastored therein), and can deny access to all or a portion of thefunctional blocks of the set, although, if any of the functional blocksare open functional blocks that are not part of the trusted zoneenvironment, the CM kernel component 114 can permit the non-trustedapplication to use the open functional block(s) of the UE 102.

FIG. 2 depicts a block diagram of another example system 200 that canfacilitate adaptively controlling a trusted memory and resources (e.g.,functional blocks) used in connection with applications employed by UEs(e.g., communication devices) in a communication network, in accordancewith various aspects and embodiments described herein. The system 200can comprise a UE 202, an AP 204, a communication network 206, a set ofapplications (e.g., comprising application₁ 208, application₂ 210,and/or (up through) application_(k) 212), a CM kernel component 214, atrusted memory component 216, an OS kernel component 218, a functionalblock component 220 (e.g., comprising functional block₁ 222, functionalblock₂ 224, and/or (up through) functional block₁ 226), and an interfacecomponent 228. The respective components (e.g., UE 202, AP 204,communication network 206, applications, CM kernel component 214,trusted memory component 216, etc.) can comprise the respective featuresand functions, such as more fully described herein.

In accordance with various implementations and aspects, the CM kernelcomponent 214 can comprise a connection manager component 230 (CM COMP.230), a kernel component 232 (KERNEL COMP. 232), a resource managercomponent 234 (RM COMP. 234), and a cache manager component 236 (CACHEMGR. COMP. 236). The UE 202 also can comprise a cache component 238. TheCM kernel component 214 and cache component 238 can be part of thetrusted zone environment of the UE 202 and/or can be embedded at the SOClevel (e.g., embedded on the SOC chip set).

The connection manager component 230 can facilitate controlling theestablishing of communication connections between an application (andthe UE 202) and the communication network 206 and/or a communicationdevice associated with the communication network 206. The connectionmanager component 230 can operate to facilitate adaptively controllingcertain resources (e.g., secure, embedded, and/or proprietary functionalblocks) of the UE 202, for example, when using applications. Theconnection manager component 230 also can facilitate adaptivelycontrolling operation of the applications (e.g., 208, 210, 212, etc.)and the UE 202, and enhancing use of network resources of thecommunication network 206 in connection with use of applications by theUE 202 (e.g., by enabling dynamic communication-network optimization orenhancement practices), in accordance with defined communicationenhancement criteria.

In accordance with various aspects and implementations, the connectionmanager component 230 can perform a variety of functions based at leastin part on the connection manager component 230 being aware ofnetwork-related information and/or traffic flow-related information andexposing such information to various APIs (e.g., which can be called toperform tasks) of the interface component 228 to facilitate performingthe various functions. For instance, the connection manager component230 can interact with applications (e.g., 208, 210, 212, etc.) and usersof UEs (e.g., 202) via APIs, controls, components, etc. (e.g.,network-aware APIs, controls, components, etc.), as more fully disclosedherein. The connection manager component 230 also can monitor the signalstrength for each access network of the communication network 206 tofacilitate determining whether or when to make a hand-off of the UE 202from one access network to another access network and/or determining howthe respective operations of the respective functional blocks are to becontrolled, in accordance with the defined communication enhancementcriteria. The connection manager component 230 also can facilitatetriggering hand-offs of the UE 202 from one access network to anotheraccess network.

In some implementations, the connection manager component 230 canperform access arbitration to facilitate arbitrating between differentaccess networks to facilitate determining which access network the UE202 is to utilize, link arbitration to facilitate arbitrating betweendifferent communication links to facilitate determining which link theUE 202 is to use to communicate traffic, and/or QOS arbitration tofacilitate arbitrating between different QOS requests associated withdifferent traffic flows or applications to facilitate determiningrespective QOS parameters for the respective traffic flows orapplications. The connection manager component 230 also can perform datasynchronization to synchronize data being respectively communicatedusing respective applications (e.g., 208, 210, and/or 212, etc.)employed by the UE 202.

The connection manager component 230 also can provide network awarenessto the applications (e.g., 208, 210, 212, etc.) by providing (e.g.,presenting, exposing, communicating, etc.) network-related informationand/or traffic flow-related information to the applications (e.g., 208,210, 212, etc.), as more fully disclosed herein. The connection managercomponent 230 further determine and generate recommendations forenhanced operation conditions (e.g., in accordance with enhanced oroptimized practices), and can provide such recommendations for enhancedoperation conditions to the applications and/or users of the UEs (e.g.,202), as more fully disclosed herein.

The kernel component 232 can facilitate performing various kernelfunctions in connection with operation of the UE 202. The CM kernelcomponent 232 can comprise a dedicated kernel that can facilitateperforming certain operations comprising, for example, managing certaininput/output data requests (e.g., from software and/or an application),translating certain requests into instructions (e.g., data processinginstructions) for execution by a processor component or other component(e.g., a functional block(s)) of the UE 202, etc.

The resource manager component 234 can facilitate performing resourcemanager-related functions for the UE 202. For example, the resourcemanager component 234 can facilitate managing certain resources (e.g.,functional blocks comprising baseband functions, modem blocks comprisingmodem functions, etc.) contained on (e.g., embedded at the SOC level on)the UE 202 and/or performing other desired operations in connection withsuch resources of the UE 202.

The system 200 also can employ 3G, 4G, and wi-fi technology tofacilitate voice and data communications, wherein 3G drivers, 4Gdrivers, and wi-fi drivers can be used by the UE 202 to facilitatecommunicating voice or data via a 3G, 4G, or wi-fi wirelesscommunication connection, respectively. The resource manager component234 (e.g., interconnect baseband manager) can be associated with the 3Gdrivers, 4G drivers, wi-fi drivers, and connection manager component230. The resource manager component 234 can facilitate controllingoperation (e.g., controlling switching or operational modes) of therespective functional blocks (e.g., embedded baseband functions) of theset of functional blocks (functional block₁ 222, functional block₂ 224,functional block_(j) 226, etc.) of the functional block component 220,as more fully disclosed herein.

In some implementations, the connection manager component 230 and/orresource manager component 234 can facilitate controlling access to thetrusted memory component 216 and the data stored therein, in accordancewith the defined communication enhancement criteria. For instance, theconnection manager component 230 and/or resource manager component 234can allow access to data and/or expose data stored in the trusted memorycomponent 216 to applications (e.g., certified and/or authenticatedapplications) determined to be trusted by the CM kernel component 214,wherein the data stored in the trusted memory component 216 can beexposed to a trusted application via one or more interfaces (e.g., APIs)of the interface component 228.

The cache manager component 236 can facilitate controlling access to anduse of the cache component 238, which can be used to cache ortemporarily store data associated with an application (e.g., 208) or UEuser. The cache component 238 can comprise a set of memory buffers(e.g., buffer memory sub-components) that can be employed to store(e.g., temporarily store) data and provide stored data. The cachecomponent 238 can comprise volatile and/or nonvolatile memory.

Information associated with an application (e.g., 208) can be stored inthe cache component 238 for a variety of reasons, such as, for example,desiring to temporarily store data in the cache component 238 until aparticular condition(s) occurs, enabling various of pieces to becollected and stored in the cache component 238 until all desired piecesof data have been collected, etc. The cache manager component 236 canstore the set of information associated with the application (e.g., 208)in the cache component 238. The set of information can comprise datarelating to the application (e.g., 208), UE user, communication network206, or other factors or entities. The cache manager component 236 canreceive (e.g., from the application, communication network 206, user,etc.), and/or the CM kernel component 214 or resources (e.g., functionalblock(s)) associated with the CM kernel component 214 can generateinformation that can be included in the set of information stored in thecache component 238.

The cache manager component 236 can specify and set the condition(s) orcan receive condition setting information from the application (e.g.,208) or user that can facilitate setting or specifying the condition(s)by the cache manager component 236. The condition(s) can relate to anetwork-related condition associated with the communication network 206,a traffic flow-related condition associated with the traffic flow, aUE-related condition associated with the UE 202, an application-relatedcondition associated with the application (e.g., 208), a user-relatedcondition associated with the UE user, and/or another type of condition(e.g., condition(s) relating to a date, an amount or type of data,etc.).

The cache manager component 236 can set the type of processing to beperformed on the set of information in response to an occurrence of thecondition(s) relating to the processing of the set of information. Thetype of processing can be set based at least in part onprocessing-related information received from the application or user, orcan be determined by the CM kernel component. In some implementations,depending in part on the information being collected, the application(e.g., 208), the condition(s) associated with storing the set ofinformation, and/or the type of processing to be performed on the set ofinformation, information can continue to be collected and stored in thecache component 238 with the set of information, for example, until thecondition(s) has been satisfied, has been detected, or has occurred.

The cache manager component 236 can monitor or track the conditionsassociated with the communication network, traffic flow, communicationdevice, application, user, and/or other type(s) of condition, tofacilitate determining or detecting whether the condition(s) associatedwith the set of information has been satisfied, has been detected, orhas occurred. If the cache manager component 236 or another component(e.g., connection manager component 230, resource manager component 234,a sensor(s) (e.g., traffic load sensor, network-congestion sensor,etc.), etc.) detect or determine that the condition(s) has beensatisfied or has occurred, the cache manager component 236 canfacilitate processing the set of information, and/or providing the setof information to another component (e.g., functional block,application, etc.) for processing, based at least in part on the type ofprocessing to be performed on the set of information.

For example, the type of processing can be to retrieve the set ofinformation from the cache component 238 and transmit the set ofinformation to the application or user. In such instance, the cachemanager component 236 can retrieve or read the set of information fromthe cache component 238 and can transmit the set of information to theapplication (e.g., 208) or to the UE user via a desired interface.

As another example, the type of processing can be to retrieve the set ofinformation from the cache component, perform one or more operations(e.g., evaluations, calculations, compression or decompression,encryption or decryption, DRM-related operations, etc.) on the set ofinformation to generate processed information, and transmit theprocessed information to the application or user. In such instance, thecache manager component 236 can retrieve or read the set of informationfrom the cache component 238, can send the set of information to one ormore functional blocks (e.g., 222, 224, and/or 226), wherein one or moreoperations can be performed on the set of information by the one or morefunctional blocks to generate processed data based at least in part onthe type of processing to be performed on the set of information. Theconnection manager component 230 and/or resource manager component 234can facilitate communicating the processed data and/or the set ofinformation from the one or more functional to the application (e.g.,208) or to the UE user via a desired interface.

FIG. 3 illustrates a diagram of an example system 300 that canfacilitate adaptively controlling access to and use of trusted memoryand resources (e.g., functional blocks) used for applications employedby communication devices (e.g., UEs) in a communication network, inaccordance with various aspects and embodiments described herein. Thesystem 300 can be part of a UE, for example, to facilitate enhancedcommunications by the UE in a communication network. The system 300 cancomprise a CM kernel component 302 that can perform various functions tofacilitate adaptively controlling access to and use of trusted memoryand adaptively controlling functional blocks, comprising secure and/orembedded functional blocks, to facilitate desired (e.g., enhanced,optimal, favorable, acceptable, etc.) operation of the UE and/or thecommunication network, as more fully disclosed herein.

The system 300 also can comprise an OS kernel component 304 that can beassociated with an OS kernel interface component 306. The OS kernelcomponent 304 (e.g., rich OS kernel) can be employed to facilitateperforming operations by the UE, including, for example, managinginput/output data requests (e.g., from software and/or an application),translating requests into instructions (e.g., data processinginstructions) for execution by a processor component or other componentof the UE, etc. The OS kernel component 304 can be associated with(e.g., communicatively connected to) the CM kernel component 114 (e.g.,via the OS kernel interface component 306, a bus, and/or an interface(e.g., baseband service interface component 310)).

The system 300 also can comprise a policy application framework 308 thatcan be employed to store policy data and other information that canfacilitate adaptively controlling operation of the functional blocks(e.g., embedded functional blocks) and/or other resources of the UE tofacilitate desired operation of the UE and/or the communication network,as more fully disclosed herein. The policy data can comprisenetwork-related data and/or traffic flow-related data, for example. TheCM kernel component 302 can update the policy data based in part onadditional or new network-related data and/or traffic flow-related datareceived from various network-aware APIs, controls, components, etc.

The CM kernel component 302 can access the policy data maintained in thepolicy database or table stored in a data store of the policyapplication framework 308 via an interface component (e.g., the basebandservice interface component 310) and/or a bus. The CM kernel component302 can facilitate controlling operation of the respective functionalblocks (e.g., embedded functional blocks) based at least in part on thepolicy data. The CM kernel component 302 also can facilitate determiningwhether an application is a trusted or certified application and/orcontrolling access by an application (e.g., trusted or certifiedapplication) to the trusted memory component (not shown in FIG. 3) orthe cache memory (not shown in FIG. 3) based at least in part on thepolicy data.

The baseband service interface component 310 (e.g., micro core basebandservice interface) can be associated with (e.g., communicativelyconnected to) the CM kernel component 302 to facilitate enabling the CMkernel component 302 to access or interact with the resource managercomponent 312 (e.g., which can be at the baseband level), long termevolution (LTE) drivers 314 (e.g., 4G drivers), 3G drivers 316, wi-fidrivers 318, and enhancement (e.g., optimization) embedded drivers 320.The resource manager component 312 can be associated with and canfacilitate managing various resources, such as LTE resources 322, 3Gresources 324, and wi-fi resources 326, wherein at least a portion ofthe resources can be functional blocks that can perform various types offunctions (e.g., data compression, location detection, data encryption,etc.). It is to be appreciated and understood that, while the basebandservice interface component 310 and the resource manager component 312are depicted in FIG. 3 as being separate components from the CM kernelcomponent 302, the disclosed subject matter is not so limited. Inaccordance with various implementations, the CM kernel component cancomprise the baseband service interface component and/or the resourcemanager component (e.g., as depicted in FIG. 2).

The CM kernel component 302 can be associated with an API component 328that can be or can comprise an application service interface, and canmake available various APIs (e.g., open and/or network-aware APIs) thatcan be employed to facilitate obtaining network-related informationand/or traffic flow-related information that can be used by the CMkernel component 302 to facilitate controlling, and makingdeterminations regarding, operation of functional blocks, such as theembedded functional blocks, as more fully disclosed herein.

The system 300 also can comprise a plurality of applications, such asapplication 330, application 332, and application 334, that can performvarious functions or services (e.g., process data, present video oraudio content, communicate or receive voice or data, etc.). Theapplications (e.g., 330, 332, 334, etc.) can be associated with aservice provisioning and activation layer or component 336, which can beassociated with the API component 328. Via the service provisioning andactivation layer or component 336, the applications (e.g., 330, 332,334, etc.) and/or UE user can be exposed to or can accessnetwork-related information and traffic flow-related information, suchas the information obtained or derived by the APIs of the API component328. The applications (e.g., 330, 332, 334, etc.) and/or UE user canreview operation recommendations received from the CM kernel component302 and/or can make decisions or determinations regarding the operationof the application and/or functional blocks, as more fully disclosedherein.

FIG. 4 depicts a block diagram of an example CM kernel component 400 inaccordance with various aspects and embodiments of the disclosed subjectmatter. The CM kernel component 400 can be employed by a UE tofacilitate adaptively controlling access to and use of trusted memoryand operation of resources, such as functional blocks (e.g., embedded orsecure functional blocks), of the UE, in accordance with various aspectsand embodiments described herein.

The CM kernel component 400 can comprise a monitor component 402 thatcan monitor or track activity, behavior, and/or traffic flows (e.g.,voice or data traffic flows) associated with the UE. The monitorcomponent 402 also can monitor or track network-related conditions(e.g., network state information, network-related triggers,network-related controls, etc.) associated with the communicationnetwork. The monitor component 402 can monitor or track signal strengthfor each access network of the communication network.

The CM kernel component 400 can include an aggregator component 404 thatcan aggregate data received (e.g., obtained) from various entities(e.g., monitor component 402 or another component(s) of the CM kernelcomponent 400, communication network, application, a server or othercommunication device, processor, data store, etc.). The aggregatorcomponent 404 can correlate respective items of data based at least inpart on type of data (e.g., video content, audio content, textual data,metadata, etc.), application to which the data relates, source of thedata, time or date the data was generated or received, etc., tofacilitate analyzing of the data by the analyzer component 406. Forexample, the aggregator component 404 can aggregate data relating to anapplication and/or other data (e.g., data relating to the communicationnetwork) to facilitate determining whether respective functional blocks(e.g., embedded or secure functional blocks) of a subset of functionalblocks associated with the CM kernel component 400 are to be enabled(e.g., switched to an on state) or disabled (e.g., switched to an offstate) in connection with the application.

The CM kernel component 400 can include the analyzer component 406,which can analyze data to facilitate determining whether an applicationis a trusted and/or certified application, determining whether anapplication is permitted to access the trusted memory component orresources in the trusted zone environment of the UE, determining whetherrespective functional blocks of a subset of functional blocks (e.g.,associated with the CM kernel component 400) are to be enabled ordisabled, generating a recommendation regarding the enabling ordisabling of respective blocks in connection with an application,controlling the enabling and disabling of respective functional blocks,providing or exposing network-related information and trafficflow-related information to an application(s) or a user, etc., and cangenerate analysis results, based at least in part on the data analysis.For example, the analyzer component 406 can analyze information relatingto network-related information and traffic flow-related informationassociated with the communication network and/or UE, and can generateanalysis results that can facilitate determining whether respectivefunctional blocks of a subset of functional blocks (e.g., associatedwith the kernel component) are to be enabled or disabled in connectionwith an application used by the UE.

The CM kernel component 400 can include an exposer component 408 thatcan provide, present, or expose information to applications of the UE, auser of the UE, or various components of the UE. The exposer component408 can facilitate providing, presenting, or exposing information storedin the trusted memory component (e.g., to a trusted application) and/orinformation stored in the cache component. The exposer component 408also can provide, present, or expose information relating to variousfunctional blocks (e.g., embedded or secure functional blocks) that areavailable on the UE (e.g., in the partitioned area of the UE via thekernel component) to applications of the UE and/or the UE user. Theexposer component 408 further can provide, present, or exposenetwork-related information (e.g., network conditions, network states,network-related notifications, network events, network triggers, etc.)and traffic flow-related information (e.g., traffic flow associated withthe UE) to applications of the UE and/or the UE user.

In accordance with various implementations, the CM kernel component 400also can comprise a connection manager component 410, a kernel component412, a resource manager component 414, and a cache manager component416. The respective components (e.g., connection manager component 410,kernel component 412, resource manager component 414, cache managercomponent 416) can comprise the respective features and functions, suchas more fully described herein.

The CM kernel component 400 can comprise an operation enhancementcomponent 418 that can facilitate determining whether respectivefunctional blocks (e.g., embedded or secure functional blocks) of thesubset of functional blocks associated with the kernel component are tobe enabled or disabled in connection with the application, based atleast in part on analysis results relating to an analysis of thenetwork-related information and the traffic flow-related information, inaccordance with the defined communication enhancement criteria. Theoperation enhancement component 418 can facilitate controlling (e.g.,adaptively controlling) the operation (e.g., switching states oroperational modes) of the functional blocks based at least in part on adetermination regarding whether respective functional blocks of thesubset of functional blocks associated with the kernel component are tobe enabled or disabled. The operation enhancement component 418 canfacilitate generating and sending, to the kernel component 412,instructions indicating respective switching states or operational modesthat are to be used for respective functional blocks associated with theCM kernel component 400.

The operation enhancement component 418 also can generate an operationenhancement recommendation relating to an enhanced operation condition(e.g., a preferred enhanced operation condition), and can facilitatesending the operation enhancement recommendation to an application or UEuser for consideration. The operation enhancement recommendation canspecify desirable (e.g., preferred, optimal, enhanced, favorable, etc.)respective switching states or operational modes that can be used forrespective functional blocks associated with the CM kernel component 400in connection with an application, in accordance with the definedcommunication enhancement criteria.

The CM kernel component 400 also can comprise an interface component 420that can comprise one or more interfaces, including APIs (e.g., open ornetwork-aware APIs), and/or can interact with one or more interfaces,including APIs that can facilitate obtaining network-related informationand traffic flow-related information. The APIs associated with theinterface component 420 also can facilitate communicating or exposingthe network-related information and traffic flow-related information toapplications or users associated with the UE. For example, the interfacecomponent 420 or another component of the CM kernel component 400 cancall or initialize an API associated with the interface component 420 tofacilitate having that API perform one or more functions that the API isconfigured to perform. The APIs can comprise, for example, atraffic-load-aware API(s), a network-congestion-aware API(s), anetwork-state notification API(s), an application-state notificationAPI(s), a data-delivery-service API(s) (e.g., atime-shift-data-delivery-service API), and/or other network-aware APIs,among other APIs that can be employed by or interacted with by theinterface component 420.

The CM kernel component 400 also can include a synchronization component422 that can perform data synchronization to synchronize data beingrespectively communicated using respective applications employed by theUE. For example, the data synchronization can be performed with respectto data delivery in connection with an application, wherein the CMkernel component 400 can facilitate scheduling data delivery (e.g.,adjusting scheduling of data delivery, time-shifting data delivery(e.g., micro-shifting data delivery, macro-shifting data delivery)) toor from the UE in connection with an application.

The CM kernel component 400 can comprise an authentication component 424that can facilitate authenticating the kernel component 412 of the UE,an application associated with the UE, a user associated with the UE,and/or other entities or components associated with the UE based atleast in part on respective credentials of the kernel component 412,applications, UE users, or other entities or components associated withthe UE. For instance, the authentication component 424 can performauthentication on the application to facilitate determining whether theapplication is a trusted or certified application, and/or can performauthentication on the kernel component 412, UE user, and/or applicationto facilitate determining whether access to and use of the subset offunctional blocks (e.g., embedded or secure functional blocks)associated with the CM kernel component 400 is to be permitted orgranted to the UE user or application. The authentication component 424can request that the kernel component 412, UE user, or applicationprovide authentication information (e.g., a valid authenticationcredential, a valid authentication or security token, applicationcertification-related information, etc.) that can indicate that the UEuser or application is authorized to access and use the subset offunctional blocks associated with the CM kernel component 400, and/orcan indicate that the application is a trusted or certified applicationthat can be permitted to access the trusted zone environment of the UE,including the trusted memory component, the cache component, and/or theset of functional blocks.

The authentication component 424 can analyze the received authenticationinformation, and can compare such authentication information to storedauthentication information (e.g., stored in the data store) tofacilitate determining whether the received authentication informationmatches stored authentication information associated with (e.g., mappedto) the UE user or application. With respect to whether an applicationis trusted or certified, if the received authentication informationand/or certification information matches the corresponding storedauthentication information and/or certification information, theauthentication component 424 can determine that the application is atrusted and/or certified application, and can grant access rights to theapplication to access or use the trusted memory component and/or thecache component, and/or the data respectively stored therein. If thereceived authentication information and/or certification informationdoes not match the corresponding stored authentication informationand/or certification information, the authentication component 424 candetermine that the application is not a trusted and/or certifiedapplication, and can deny access to the trusted memory component and/orthe cache component, and/or the data respectively stored therein.

With respect to the functional blocks, if the received authenticationinformation matches the corresponding stored authentication information,the authentication component 424 can grant access rights to the UE useror application to use the subset of functional blocks, wherein the CMkernel component 400 can be employed to facilitate controlling theswitching states or operational modes of the functional blocks of thesubset of functional blocks in connection with operation of theapplication. If the received authentication information does not matchthe corresponding stored authentication information, the authenticationcomponent 424 can deny use of the subset of functional blocks to the UEuser or application and/or the subset of functional blocks can remaininvisible to the UE user, application, and/or other components of the UEin the open area of the UE.

Access or use rights to the subset of functional blocks associated withthe CM kernel component 400 can be limited to users or applicationsassociated with a particular communication service provider, forexample, wherein, if communication services are being provided to the UEvia the particular communication service provider, the subset offunctional blocks can be available for use by the UE, UE user, orapplication, and, if communication services are being provided to the UEvia another communication service provider, the authentication component424 can restrict or deny access to and use of the subset of functionalblocks associated with the kernel component. For instance, theparticular service provider can provide the kernel component 412 with atoken or other authentication information (e.g., a security token orother authentication credential), and the kernel component 412 canprovide that token to the connection manager component 410 and/or theauthentication component 424 to facilitate authenticating the UE user,application, and/or kernel component 412.

The CM kernel component 400 can include an arbitrator component 426 thatcan arbitrate between respective features, between respective functions,between respective techniques, between QOSs, between respective links,etc. For example, the arbitrator component 426 can perform accessarbitration to facilitate arbitrating between different access networksto facilitate determining which access network the UE is to utilize. Thearbitrator component 426 can perform link arbitration to facilitatearbitrating between different communication links to facilitatedetermining which link the UE is to use to communicate traffic. Thearbitrator component 426 also can perform QOS arbitration to facilitatearbitrating between different QOS requests associated with differenttraffic flows or applications to facilitate determining respective QOSparameters for the respective traffic flows or applications.

The CM kernel component 400 can comprise a processor component 428 thatcan work in conjunction with the other components (e.g., monitorcomponent 402, aggregator component 404, analyzer component 406, etc.)to facilitate performing the various functions of the CM kernelcomponent 400. The processor component 428 can employ one or moreprocessors, microprocessors, or controllers that can process data, suchas information relating to applications, users, the communicationnetwork, traffic flows, interfaces, APIs, functional blocks, determiningwhether to switch on or off or change operational modes of functionalblocks, authentication, mappings, policies, defined communicationenhancement criteria, algorithms, protocols, interfaces, tools, and/orother information, to facilitate operation of the CM kernel component400, as more fully disclosed herein, and control data flow between theCM kernel component 400 and other components (e.g., communicationnetwork, base station, an application, a server or other communicationdevice, a cloud, etc.) associated with the CM kernel component 400.

The CM kernel component 400 also can include a data store 430 that canstore data structures (e.g., user data, metadata), code structure(s)(e.g., modules, objects, hashes, classes, procedures) or instructions,information relating to applications, users, the communication network,traffic flows, interfaces, APIs, functional blocks, determining whetherto switch on or off or change operational modes of functional blocks,authentication, mappings, policies, defined communication enhancementcriteria, algorithms, protocols, interfaces, tools, and/or otherinformation, to facilitate controlling operations associated with the CMkernel component 400. In an aspect, the processor component 428 can befunctionally coupled (e.g., through a memory bus) to the data store 430in order to store and retrieve information desired to operate and/orconfer functionality, at least in part, to the monitor component 402,aggregator component 404, analyzer component 406, etc., and/orsubstantially any other operational aspects of the CM kernel component400.

FIG. 5 depicts a block diagram of an example kernel component 500 inaccordance with various aspects and embodiments of the disclosed subjectmatter. The kernel component 500 can be employed by a UE to facilitatecontrolling (e.g., adaptively controlling) operation of resources, suchas functional blocks (e.g., embedded or secure functional blocks) andmodem functions, of the UE, in accordance with various aspects andembodiments described herein.

The kernel component 500 can comprise a communicator component 502 thatcan facilitate controlling communication of data between the functionalblocks associated with the kernel component 500 and the connectionmanager component, applications, processor component, and/or data store,etc. The communicator component 502 also can facilitate controllingcommunication of data between dedicated memory associated with thekernel component 500 and the connection manager component, applications,processor component, and/or data store, etc. The communicator component502 further can facilitate controlling communication of data between adedicated processor component or dedicated processor resourcesassociated with the kernel component 500 and the connection managercomponent, applications, processor component, and/or data store, etc.The communicator component 502 also can facilitate establishing securecommunication between the kernel component 500 and the communicationnetwork to facilitate desired (e.g., proper, acceptable, enhanced,optimal, etc.) cross-layer enhancement or optimization practices, inaccordance with the defined communication enhancement criteria,including practices or capabilities relating to, for example,compression and decompression of data, rate shaping, event notificationto the communication and event notification from the communicationnetwork to UE subsystems or components of the UE.

The kernel component 500 also can comprise an interface component 504that can facilitate providing various interfaces, tools, and/orprotocols to, for example, the connection manager component,applications associated with the UE, and/or processor component, etc.,to facilitate enabling the kernel component 500 and/or the othercomponents perform various functions that can facilitate enhancing theoperation of the UE and the communication network, including desirablyand adaptively controlling operation of the functional blocks associatedwith the kernel component 500, in accordance with the definedcommunication enhancement criteria.

The kernel component 500 also can comprise an API component 506 that cancomprise or can interact with various APIs (e.g., open or network-aware)APIs) that can perform various functions and can facilitate obtainingnetwork-related information (e.g., network conditions, states,notifications, events, triggers, etc.) and traffic flow-relatedinformation (e.g., traffic flow-related conditions, states,notifications, events, triggers, etc.) associated with the communicationnetwork or UE. The APIs associated with the API component 506 canfacilitate communicating or exposing the network-related information andtraffic flow-related information to applications or users associatedwith the UE. For example, the API component 506 or another component ofor associated with the kernel component 500 can call or initialize anAPI associated with the API component 506 to facilitate having that APIperform one or more functions that the API is configured to perform. TheAPIs can comprise, for example, a traffic-load-aware API(s), anetwork-congestion-aware API(s), a network-state notification API(s), anapplication-state notification API(s), a data-delivery-service API(s)(e.g., a time-shift-data-delivery-service API), and/or othernetwork-aware APIs, among other APIs that can be employed by orinteracted with by the API component 506.

The kernel component 500 can comprise a functional block managercomponent 508 that can facilitate controlling operation of therespective functional blocks of a subset of functional blocks (e.g.,embedded, secure, or proprietary) associated with the kernel component500. For instance, the functional block manager component 508 canfacilitate controlling the respective switching states (e.g., on state,off state) or operational modes (e.g., first type of operational mode,second type of operational mode, etc.) of the respective functionalblocks of the subset of functional blocks, in accordance with thedefined communication enhancement criteria. The various functionalblocks can perform respective functions (e.g., data compression ordecompression, location detection, data encryption or decryption,interference mitigation, etc.), such as more fully described herein.

In some implementations, the kernel component 500 can include anauthentication facilitator component 510 that can comprise one or moretokens, such as authentication or security tokens, or authenticationinformation that can facilitate controlling access to and use of thesubset of functional blocks by applications and a UE user. For instance,the one or more tokens, or authentication information, can be employedto facilitate authenticating the kernel component 500, an application,or a UE user with the connection manager component of the UE tofacilitate enabling access to and use of the functional blocks of thesubset of functional blocks during operation of the UE (e.g., operationof an application associated with the UE) in the communication network.In certain implementations, access or use rights to the subset offunctional blocks associated with the kernel component 500 can belimited to users or applications associated with a particularcommunication service provider, for example, wherein, if communicationservices are being provided to the UE via the particular communicationservice provider, the subset of functional blocks can be available foruse by the UE, UE user, or application, and, if communication servicesare being provided to the UE via another communication service provider,access to and use of the subset of functional blocks associated with thekernel component 500 can be restricted or prohibited. For example, theparticular service provider can provide the kernel component 500 with atoken or other authentication information (e.g., a security token orother authentication credential), and the kernel component 500 canprovide that token to the connection manager component to facilitateauthenticating the UE user, application, and/or kernel component 500.

The kernel component 500 can comprise a processor component 512 that canwork in conjunction with the other components (e.g., communicatorcomponent 502, interface component 504, API component 506, etc.) tofacilitate performing the various functions of the kernel component 500.The processor component 512 can employ one or more processors,microprocessors, or controllers that can process data, such asinformation relating to applications, users, the communication network,traffic flows, APIs, functional blocks, determining whether to switch onor off or change operational modes of functional blocks, authentication,policies, defined communication enhancement criteria, algorithms,protocols, interfaces, tools, and/or other information, to facilitateoperation of the kernel component 500, as more fully disclosed herein,and control data flow between the kernel component 500 and othercomponents (e.g., connection manager component, kernel interfacecomponent, functional blocks, communication network, base station, anapplication, a server or other communication device, a cloud, etc.)associated with the kernel component 500.

The kernel component 500 also can include a data store 514 that canstore data structures (e.g., user data, metadata), code structure(s)(e.g., modules, objects, hashes, classes, procedures) or instructions,information relating to applications, users, the communication network,traffic flows, APIs, functional blocks, determining whether to switch onor off or change operational modes of functional blocks, authentication,policies, defined communication enhancement criteria, algorithms,protocols, interfaces, tools, and/or other information, to facilitatecontrolling operations associated with the kernel component 500. In anaspect, the processor component 512 can be functionally coupled (e.g.,through a memory bus) to the data store 514 in order to store andretrieve information desired to operate and/or confer functionality, atleast in part, to the communicator component 502, interface component504, API component 506, etc., and/or substantially any other operationalaspects of the kernel component 500.

FIG. 6 illustrates a block diagram of an example communication network600 in accordance with various aspects and embodiments of the disclosedsubject matter. The communication network 600 can include a core network602 (e.g., mobile core network) that can facilitate communications byUEs wirelessly connected to the communication network 600. A UE can becommunicatively connected to the core network 602 via an AP (e.g., basestation). The core network 602 can facilitate wireless communication ofvoice and data associated with communication devices, such as UEs,associated with the communication network 600. The core network 602 canfacilitate routing voice and data communications between UEs and/orother communication devices (e.g., phone, computer, email server,multimedia server, audio server, video server, news server, financial orstock information server, other communication devices associated with anIP-based network 604 (e.g., the Internet), etc.) associated with thecommunication network 600. The core network 602 also can allocateresources to the UEs associated with the communication network 600 inthe communication network environment, convert or enforce protocols,establish and enforce QoS for the UEs, provide applications or servicesin the network, translate signals, and/or perform other desiredfunctions to facilitate system interoperability and communication in thewireless communication network. The core network 602 further can includedesired components, such as routers, nodes (e.g., general packet radioservice (GPRS) nodes, such as serving GPRS support node (SGSN), gatewayGPRS support node (GGSN), etc.), switches, interfaces, controllers,etc., that can facilitate communication of data between communicationdevices associated with the communication network 600.

The communication network 600 can include the IP-based network 604,which can facilitate communications by communication devices (e.g., UEs)that are connected to the communication network 600 via a wirelessconnection, or a wireline or landline connection. For example, a UE canbe communicatively connected to the IP-based network 604 via a wirelesscommunication connection with the core network 602, wherein the UE cancommunicate with other communication devices connected to thecommunication network 600. A UE can transmit messages, use applications,access or download content, etc., via the core network 602 and/or theIP-based network 604, or another communication network (not shown).

The communication network 600 can contain a network management component606 that can control operations and functions associated with thecommunication network 600. The network management component 606 also cantrack, and analyze information relating to, resource usage by thecommunication network 600, particularly the core network 602, inrelation to servicing the UE or other UEs, resource usage by a UEassociated with the communication network 600, wireless statetransitions associated with the UE or other UEs, user behavior oractivity, application behavior or activity, and/or other factors, tofacilitate controlling operations and functions associated with thecommunication network 600. The network management component 606 also canfacilitate presenting or making available information (e.g.,network-related information, traffic flow-related information, etc.)relating to the communication network 600 to UEs associated with thecommunication network 600 to facilitate enhanced operation of the UEsand the communication network 600, in accordance with the definedcommunication enhancement criteria. The network management component 606can facilitate applying communication enhancement rules (e.g., based onor corresponding to the defined communication enhancement criteria),protocols, and/or algorithms, to facilitate controlling and/or enhancingoperation of the communication network 600.

The communication network 600 also can include a processor component 608that can work in conjunction with (and/or be part of) the othercomponents (e.g., core network 602, IP-based network 604, networkmanagement component 606, etc.) to facilitate performing the variousfunctions of the communication network 600. The processor component 608can employ one or more processors, microprocessors, or controllers thatcan process data, such as information relating to wireless or wirelinecommunications; applications; users; network-related conditions, states,or events; traffic flow-related conditions, states, or events; networkresources or functions; a mapping; and/or other information, tofacilitate operation of the communication network 600, as more fullydisclosed herein, and control data flow between the communicationnetwork 600 and other components (e.g., UE, base station, anapplication, a server or other communication device, a cloud, etc.)associated with the communication network 600.

The communication network 600 also can include a data store 610 that canstore data structures (e.g., user data, metadata), code structure(s)(e.g., modules, objects, hashes, classes, procedures) or instructions,information relating to wireless or wireline communications;applications; users; network-related conditions, states, or events;traffic flow-related conditions, states, or events; network resources orfunctions; a mapping; and/or other information, to facilitatecontrolling operations associated with the communication network 600. Inan aspect, the processor component 608 can be functionally coupled(e.g., through a memory bus) to the data store 610 in order to store andretrieve information desired to operate and/or confer functionality, atleast in part, to the core network 602, IP-based network 604, networkmanagement component 606, etc., and/or substantially any otheroperational aspects of the communication network 600.

FIG. 7 depicts a block diagram of an example UE 700 in accordance withan aspect of the disclosed subject matter. In an aspect, the UE 700 canbe a multimode access terminal, wherein a set of antennas 769 ₁-769 _(Q)(Q is a positive integer) can receive and transmit signal(s) from and towireless devices like access points, access terminals, wireless portsand routers, and so forth, that operate in a radio access network. Itshould be appreciated that antennas 769 ₁-769 _(Q) can be part of thecommunication platform 702, which can comprise electronic components andassociated circuitry that can provide for processing and manipulation ofreceived signal(s) and signal(s) to be transmitted, e.g., by receiversand transmitters 704, multiplexer/demultiplexer (mux/demux) component706, and modulation/demodulation (mod/demod) component 708.

In another aspect, the UE 700 can include a multimode operationchipset(s) 710 that can allow the UE 700 to operate in multiplecommunication modes in accordance with disparate technical specificationfor wireless technologies. In an aspect, multimode operation chipset(s)710 can utilize communication platform 702 in accordance with a specificmode of operation (e.g., voice, GPS). In another aspect, multimodeoperation chipset(s) 710 can be scheduled to operate concurrently (e.g.,when Q>1) in various modes or within a multitask paradigm.

In accordance with various implementations, the UE 700 can comprise a CMkernel component 712, an application component 714, a trusted memorycomponent 716, a cache component 718, a functional block component 720(e.g., comprising a set of functional blocks (e.g., embedded or securefunctional blocks, and/or open functional blocks), and an OS kernelcomponent 722. The respective components (e.g., CM kernel component 712,application component 714, trusted memory component 716, cache component718, functional block component 720, OS kernel component 722) cancomprise the respective features and functions, such as more fullydescribed herein.

The UE 700 also can include a processor(s) 724 that can be configured toconfer functionality, at least in part, to substantially any electroniccomponent within the UE 700, in accordance with aspects of the disclosedsubject matter. The processor(s) 724 can facilitate enabling the UE 700to process data (e.g., symbols, bits, or chips) formultiplexing/demultiplexing, modulation/demodulation, such asimplementing direct and inverse fast Fourier transforms, selection ofmodulation rates, selection of data packet formats, inter-packet times,etc. The processor(s) 724 also can facilitate enabling the UE 700 toprocess data relating to messaging, voice calls, applications, services,wireless states, users, the communication network (e.g., network-relatedconditions, states, notifications, events, etc.), traffic flows (e.g.,traffic flow-related conditions, states, notifications, events, etc.),APIs, functional blocks, determining whether to switch on or off orchange operational modes of functional blocks, authentication, mappings,defined communication enhancement criteria, etc.

The UE 700 also can contain a data store 726 that can store datastructures (e.g., user data, metadata); code structures (e.g., modules,objects, classes, procedures) or instructions; message hashes; datarelating to messaging, voice calls, applications, services, wirelessstates, users, the communication network (e.g., network-relatedconditions, states, notifications, events, etc.), traffic flows (e.g.,traffic flow-related conditions, states, notifications, events, etc.),APIs, functional blocks, determining whether to switch on or off orchange operational modes of functional blocks, authentication, mappings,defined communication enhancement criteria, and/or other data; userpolicies; network or device information like policies andspecifications; attachment protocols; code sequences for scrambling,spreading and pilot (e.g., reference signal(s)) transmission; frequencyoffsets; cell IDs; encoding algorithms; compression algorithms; decodingalgorithms; decompression algorithms; etc. In an aspect, theprocessor(s) 724 can be functionally coupled (e.g., through a memorybus) to the data store 726 in order to store and retrieve information(e.g., data structures; code structures; instructions; algorithms; datarelating to messaging, voice calls, applications, services, wirelessstates, users, the communication network (e.g., network-relatedconditions, states, notifications, events, etc.), traffic flows (e.g.,traffic flow-related conditions, states, notifications, events, etc.),APIs, functional blocks, determining whether to switch on or off orchange operational modes of functional blocks, authentication, mappings,defined communication enhancement criteria, etc.) desired to operateand/or confer functionality, at least in part, to the communicationplatform 702, multimode operation chipset(s) 710, CM kernel component712, application component 714, trusted memory component 716, cachecomponent 718, functional block component 720, OS kernel component 722,and/or substantially any other operational aspects of the UE 700.

FIG. 8 illustrates a block diagram of an example AP 800 (e.g.,femtocell, picocell, macro base station, etc.) in accordance with anaspect of the disclosed subject matter. The AP 800 can receive andtransmit signal(s) from and to wireless devices like access points(e.g., femtocells, picocells, base stations, etc.), access terminals(e.g., UEs), wireless ports and routers, and the like, through a set ofantennas 869 ₁-869 _(N). In an aspect, the antennas 869 ₁-869 _(N) are apart of a communication platform 802, which comprises electroniccomponents and associated circuitry that can provide for processing andmanipulation of received signal(s) and signal(s) to be transmitted. Inan aspect, the communication platform 802 can include areceiver/transmitter 804 that can convert signal from analog to digitalupon reception, and from digital to analog upon transmission. Inaddition, receiver/transmitter 804 can divide a single data stream intomultiple, parallel data streams, or perform the reciprocal operation.

In an aspect, coupled to receiver/transmitter 804 can be amultiplexer/demultiplexer (mux/demux) 806 that can facilitatemanipulation of signal in time and frequency space. The mux/demux 806can multiplex information (e.g., data/traffic and control/signaling)according to various multiplexing schemes such as, for example, timedivision multiplexing (TDM), frequency division multiplexing (FDM),orthogonal frequency division multiplexing (OFDM), code divisionmultiplexing (CDM), space division multiplexing (SDM), etc. In addition,mux/demux component 806 can scramble and spread information (e.g.,codes) according to substantially any code known in the art, e.g.,Hadamard-Walsh codes, Baker codes, Kasami codes, polyphase codes, and soon. A modulator/demodulator (mod/demod) 808 also can be part of thecommunication platform 802, and can modulate information according tomultiple modulation techniques, such as frequency modulation, amplitudemodulation (e.g., M-ary quadrature amplitude modulation (QAM), with M apositive integer), phase-shift keying (PSK), and the like.

The AP 800 also can comprise a processor(s) 810 that can be configuredto confer and/or facilitate providing functionality, at least partially,to substantially any electronic component in or associated with the AP800. For instance, the processor(s) 810 can facilitate operations ondata (e.g., symbols, bits, or chips) for multiplexing/demultiplexing,modulation/demodulation, such as effecting direct and inverse fastFourier transforms, selection of modulation rates, selection of datapacket formats, inter-packet times, etc., to facilitate between anassociated UE and the communication network.

In another aspect, the AP 800 can include a data store 812 that canstore data structures; code instructions; rate coding information;information relating to measurement of radio link quality or receptionof information related thereto; information relating to establishing acommunications connection between a communication device (e.g., UE) andother communication devices; system or device information like policiesand specifications; code sequences for scrambling; spreading and pilottransmission; floor plan configuration; access point deployment andfrequency plans; scheduling policies; and so on. The processor(s) 810can be coupled to the data store 812 in order to store and retrieveinformation (e.g., information relating to multiplexing/demultiplexingor modulation/demodulation, information relating to radio link levels,information relating to establishing communication connectionsassociated with a UE(s) served by the AP 800, etc.) desired to operateand/or confer functionality to the communication platform 802, and/orother operational components of AP 800.

The aforementioned systems and/or devices have been described withrespect to interaction between several components. It should beappreciated that such systems and components can include thosecomponents or sub-components specified therein, some of the specifiedcomponents or sub-components, and/or additional components.Sub-components could also be implemented as components communicativelycoupled to other components rather than included within parentcomponents. Further yet, one or more components and/or sub-componentsmay be combined into a single component providing aggregatefunctionality. The components may also interact with one or more othercomponents not specifically described herein for the sake of brevity,but known by those of skill in the art.

In view of the example systems and/or devices described herein, examplemethods that can be implemented in accordance with the disclosed subjectmatter can be further appreciated with reference to flowcharts in FIGS.9-13. For purposes of simplicity of explanation, example methodsdisclosed herein are presented and described as a series of acts;however, it is to be understood and appreciated that the disclosedsubject matter is not limited by the order of acts, as some acts mayoccur in different orders and/or concurrently with other acts from thatshown and described herein. For example, a method disclosed herein couldalternatively be represented as a series of interrelated states orevents, such as in a state diagram. Moreover, interaction diagram(s) mayrepresent methods in accordance with the disclosed subject matter whendisparate entities enact disparate portions of the methods. Furthermore,not all illustrated acts may be required to implement a method inaccordance with the subject specification. It should be furtherappreciated that the methods disclosed throughout the subjectspecification are capable of being stored on an article of manufactureto facilitate transporting and transferring such methods to computersfor execution by a processor or for storage in a memory.

FIG. 9 illustrates a flow chart of an example method 900 that canfacilitate controlling (e.g., adaptively controlling) access toinformation and resources (e.g., functional blocks) associated with acommunication device (e.g., UE) in a communication network, inaccordance with various aspects and embodiments described herein. Inaccordance with various aspects, the method 900 can be employed by, forexample, a CM kernel component and/or a trusted memory component of thecommunication device.

At 902, information relating to communication network, traffic flows,and functional blocks of the communication device can be stored in atrusted memory component in a trusted zone environment of thecommunication device. The CM kernel component can facilitate receiving,collecting, or obtaining information relating to communication network,traffic flows, and functional blocks of the communication device, andcan map such information to, and/or store such information in, thetrusted memory component. In some implementations, the CM kernelcomponent can receive, collect, or obtain information from controlregisters and analytics associated with the set of functional blocks ofthe communication device. The CM kernel component also can generateanalytics information relating to the communication network, trafficflows, or the functional blocks based at least in part on information(e.g., a subset of information) relating to communication network,traffic flows, and functional blocks of the communication device. The CMkernel component can store and/or map the information (e.g., receivedinformation, analytics information, etc.) relating to communicationnetwork, traffic flows, and functional blocks of the communicationdevice in or to the trusted memory component of the communicationdevice.

At 904, access to the information stored in the trusted memory componentand access to the functional blocks of the communication device by anapplication associated with the communication device can be controlledbased at least in part on the defined communication enhancementcriteria, comprising a criterion(s) relating to a defined trust levelassociated with access to the trusted memory component and thefunctional blocks. The CM kernel component can control access to theinformation stored in the trusted memory component and access to thefunctional blocks by the application based at least in part on thecriterion(s) (e.g., trust criterion(s)) relating to the defined trustlevel associated with access to the trusted memory component and thefunctional blocks. For instance, if the CM kernel component determinesthat an application satisfies the trust criterion(s), the CM kernelcomponent can determine that the application is a trusted applicationthat has (e.g., satisfies) a defined trust level with the trusted zoneenvironment, including the CM kernel component, trusted memorycomponent, and the set of functional blocks. A trusted application canbe, for example, an application that was obtained (e.g., downloaded)from a trusted application store or source, and/or an application thathas been certified as a trusted application by the CM kernel componentor another authorized certifying entity (e.g., associated with thetrusted application store or source), and/or an application that hasbeen authenticated by the CM kernel component and/or has satisfied anyother applicable criterion(s) specified by the defined trust criteria.

In response to determining that the application is a trustedapplication, the CM kernel component can grant access rights to thetrusted application to allow the trusted application to access theinformation stored in the trusted memory component and access to use oneor more of the functional blocks of the set of functional blocks of thecommunication device. In response to determining that the application isnot a trusted application, the CM kernel component can deny access tothe trusted memory component and/or to all or some of the functionalblocks of the set of functional blocks of the communication device.

FIG. 10 presents a flow chart of an example method 1000 that canfacilitate controlling (e.g., adaptively controlling) functional blocksused by applications that are used by a communication device (e.g., UE)in a communication network, in accordance with various aspects andembodiments described herein. In accordance with various aspects, themethod 1000 can be employed by, for example, a CM kernel component.

At 1002, traffic flow-related conditions and network-related conditionsassociated with the communication device and/or the communicationnetwork can be monitored. The CM kernel component can monitor or trackthe traffic-flow related conditions and the network-related conditions(e.g., network events, network state information, network-relatedtriggers, network-related controls, etc.) associated with thecommunication device and/or the communication network. For instance, theCM kernel component can monitor the activity, behavior, and/or trafficflows (e.g., voice or data traffic flows) associated with thecommunication device and network-related conditions associated with thecommunication network.

At 1004, information relating to the traffic flow-related conditions andthe network-related conditions associated with the communication deviceand/or the communication network can be received or generated. The CMkernel component can receive, collect, obtain, and/or generateinformation relating to the traffic-flow related conditions and thenetwork-related conditions associated with the communication deviceand/or the communication network. For example, the CM kernel componentcan receive or obtain a first subset of information relating to thecommunication network and/or traffic flow that is detected by one ormore sensors or APIs (e.g., API sub-components) associated with thecommunication device, and/or receive or obtain a second subset ofinformation relating to the communication network and/or traffic flowfrom the communication network.

At 1006, the information relating to the traffic flow-related conditionsand the network-related conditions associated with the communicationdevice and/or the communication network can be analyzed. The CM kernelcomponent can analyze the first subset and/or second subset ofinformation, and can generate a third subset of information (e.g.,analytics information) relating to the communication network and/ortraffic flow based at least in part on the results of the analysis. Insome implementations, some of the information received from thecommunication network can be analytics information generated by thecommunication network (e.g., generated by the network managementcomponent).

In accordance with various implementations, the CM kernel component cancomprise or can be associated with the set of functional blocks (e.g.,functional blocks comprising baseband functions), wherein respectivefunctional blocks can perform respective functions (e.g., datacompression or decompression, data encryption or decryption, locationdetection, network-awareness functions (e.g., network-condition sensing,power level sensing, etc.), etc.) The CM kernel component and the set offunctional blocks can be embedded at the SOC level and within thetrusted zone environment.

The CM kernel component also can analyze the information relating to thecommunication network and/or the traffic flow to facilitate determiningwhich functional blocks of the set to use, and respective operationalstates or modes of the respective functional blocks of the set offunctional blocks to implement, in connection with the application, inaccordance with the defined communication enhancement criteria. As partof the analysis or evaluation, the CM kernel component can access andapply policy information (e.g., communication enhancement policyinformation), for example, obtained from a policy database (e.g., storedin a data store of the communication device). The policy information canbe based at least in part on the defined communication enhancementcriteria (e.g., which can be in accordance with desired optimizationpractices).

At 1008, respective operational states or modes of the respectivefunctional blocks of the set of functional blocks to utilize inconnection with the application can be determined, based at least inpart on the analysis results, in accordance with the definedcommunication enhancement criteria. The CM kernel component candetermine the respective operational states or modes of the respectivefunctional blocks of the set of functional blocks (e.g., can determine adesired enhanced operation condition) to employ in connection with theapplication, based at least in part on the analysis results and policydata (e.g., from the policy database), in accordance with the definedcommunication enhancement criteria. For instance, the CM kernelcomponent can determine which, if any, functional blocks of the set canbe accessed and used by the application based at least in part onwhether the application is determined to be a trusted application thatis permitted to access one or more of the functional blocks in the set,in accordance with the defined communication enhancement criteria (e.g.,a trust criterion(s) of the defined communication enhancement criteria).In some implementations, there can be one or more functional blocks inthe set that can be an open or non-secure (e.g., less secure or open)functional block(s) that is permitted to be used by trusted ornon-trusted applications.

If the CM kernel component determines that the application is a trustedapplication permitted to access at least a portion of the functionalblocks or if it determines that a functional block(s) of the set is anopen or non-secure (e.g., less secure or open) functional block(s) thatis permitted to be used by trusted or non-trusted applications, the CMkernel component can determine an enhanced operation condition inconnection with the application. For instance, the CM kernel componentcan determine the respective operational (e.g., switch) states or modesof the respective functional blocks of the set of functional blocks, inaccordance with the defined communication enhancement criteria. The CMkernel component can determine, for example, which functional block(s)of the set to employ (e.g., which functional block(s) can be desirable(e.g., most favorable, best available, optimal, etc.) to employ), and,for a functional block(s) being employed, the desired (e.g., mostfavorable, best available, optimal, etc.) operational state or mode ofthat functional block(s). In accordance with the defined communicationenhancement criteria, the functional block(s) employed also can be basedat least in part on one or more preferences of the application or thecommunication device user.

At 1010, the respective operational states or modes of the respectivefunctional blocks of the set of functional blocks associated with the CMkernel component (e.g., the embedded CM kernel component) can becontrolled (e.g., adaptively controlled) based at least in part on theresults of the determination at 1008, in accordance with the definedcommunication enhancement criteria. The CM kernel component can controlthe respective operational states or modes of the respective functionalblocks based at least in part on the results of the determination at1008, in accordance with the defined communication enhancement criteria.

In some implementations, the CM kernel component can generate controlinstructions or switching recommendations that can facilitate desirablyswitching or changing the operational states or modes of the respectivefunctional blocks of the set of functional blocks to facilitateenhancing (e.g., optimizing, acceptably improving or augmenting, etc.)operation of the communication device and/or the communication network.The CM kernel component can communicate the control instructions orswitching recommendations to the set of functional blocks, or a portionthereof, (e.g., via the kernel component or network resource managercomponent of the CM kernel component) to facilitate controlling therespective operational (e.g., switching) states or modes of therespective functional blocks of the set of functional blocks.

In certain implementations, the CM kernel component also can provideupdate information to the communication network (e.g., the base station,another component of the communication network via the base station) tofacilitate notifying the communication network that the communicationdevice is operating in accordance with the enhanced operation condition,in accordance with the defined communication enhancement criteria. Thecommunication network can use this information to facilitateimplementing a desired network operational modification, if any, basedat least in part on the enhanced operation condition employed by thecommunication device, including the respective functional blocks of theset of functional blocks, to facilitate desired operation of thecommunication network, in accordance with the defined communicationenhancement criteria (e.g., in accordance with desired optimizationpractices).

In accordance with various implementations, after the informationrelating to the traffic flow-related conditions and the network-relatedconditions associated with the communication device and/or thecommunication network is analyzed at reference numeral 1006,alternatively or additionally, the method 1000 can proceed to referencepoint A, wherein, for example, the method 1100 can proceed to provideinformation relating to the communication network and traffic flow tothe application or user, e.g., via one or more interfaces (e.g., APIs),to facilitate enabling an application or user to select desired (e.g.,favored, best available, optimal, etc.) functional blocks of the set offunctional blocks to facilitate performing operations in connection withthe application, in accordance with the defined communicationenhancement criteria.

Referring next to FIG. 11, depicted is a flow chart of an example method1100 that can facilitate enabling an application or user to selectdesired functional blocks of the set of functional blocks of acommunication device to facilitate performing operations in connectionwith the application, in accordance with various aspects and embodimentsdescribed herein. In accordance with various aspects, the method 1100can be employed by, for example, the CM kernel component and/or thetrusted memory component of the communication device. In someimplementations, the method 1100 can proceed from reference point A ofthe method 1000.

At 1102, information relating to the communication network and thetraffic flow associated with the communication device can be presentedvia an interface(s) (e.g., an API(s)) to an application (e.g., trustedapplication) and/or user of the communication device. The CM kernelcomponent and/or the trusted memory component can facilitate providing(e.g., presenting, exposing, communicating, etc.) the informationrelating to the communication network and the traffic flow associatedwith the communication device to the application and/or user. The CMkernel component can do this, for example, in response to determiningthat the application is a trusted application, and/or the user is atrusted user, in accordance with the defined communication enhancementcriteria.

The information can comprise information received or collected by the CMkernel component, analytics information and/or analysis resultsgenerated by the CM kernel component or the communication network (e.g.,by the network management component), policy data, and/or otherinformation. The information also can comprise a recommendation(s)regarding an enhanced operation condition(s) determined by the CM kernelcomponent, in accordance with the defined communication enhancedcriteria, wherein the recommendation(s) regarding the enhanced operationcondition(s) can indicate which functional block(s) and/or whichoperational state or mode of the functional block(s) is desirable (e.g.,most favorable, best available, optimal, etc.). The CM kernel componentand/or the trusted memory component can provide the various portions ofinformation to the application or user via one or more interfaces (e.g.,APIs) provided by the communication device.

At 1104, information relating to (e.g., identifying) the set offunctional blocks of the communication device can be provided (e.g.,presented, exposed, communicated, etc.) to the application and/or user.The CM kernel component and/or the trusted memory component can providethe information relating to the set of functional blocks (e.g., embeddedor secure functional blocks, and/or open functional blocks) to theapplication (e.g., via an interface, such as an API) to facilitatenotifying the application and/or user of the availability of all or aportion of the set of functional blocks on the communication device. Theinformation relating to the respective functional blocks also can relateto the respective functions (e.g., baseband functions) that can beperformed by the respective functional blocks, as more fully disclosedherein. Depending on the trust level of the application or user, and therespective availability of the respective functional blocks of the set,all or a portion of the functional blocks of the set can be available tothe application at a given time.

In some implementations, the CM kernel component, the trusted memorycomponent, and/or all or a portion (e.g., a first subset) of the set offunctional blocks can reside in the trusted zone environment of thecommunication device. The trusted zone environment can be a secure andtrusted area of the communication device, wherein the first subset ofthe functional blocks, the CM kernel component, and the trusted memorycomponent can remain invisible to, and access to the first subset of thefunctional blocks and the trusted memory component can be restricted to,certain applications (e.g., trusted applications) or other authorizedentities (e.g., authorized users) to facilitate securing the CM kernelcomponent, trusted memory component, and the first subset of functionalblocks from being attacked, destroyed, or taken over by the unauthorizedapplications or other unauthorized entities. The set of functionalblocks also can comprise a second subset of functional blocks that canreside in an open area of the communication device, wherein the secondsubset of functional blocks can be accessed by the OS kernel component,for example.

At 1106, selection information can be received from the application oruser, e.g., via the communication device. The CM kernel component canreceive the selection information, which can facilitate selection of afunctional block(s) of the set of functional blocks, from theapplication or user.

For example, the application or user (e.g., using the communicationdevice) can analyze the information relating to the communicationnetwork and traffic flow, and the information relating to the set offunctional blocks (e.g., available functional blocks), and one or moredesired (e.g., favored, best available, optimal, etc.) functional blockscan be selected based at least in part on such information, apreference(s) of the application or user, and the defined communicationenhancement criteria. The application or other component of thecommunication device can communicate selection information relating tothe one or more desired functional blocks that were selected to the CMkernel component.

At 1108, one or more desired (e.g., favored, best available, optimal,etc.) functional blocks of the set of functional blocks can beinitialized (e.g., switched on and/or operational mode set) based atleast in part on (e.g., in response to) the selection information, inaccordance with the defined communication enhancement criteria. The CMkernel component can facilitate setting the operational state(s) and/ormode(s) of the desired one or more functional blocks of the set offunctional blocks based at least in part on the selection information,in accordance with the defined communication enhancement criteria,wherein such selection of the desired one or more functional blocks andsetting of the operational state(s) and/or mode(s) of the desired one ormore functional blocks can constitute an enhanced operation condition.

At 1110, a communication connection between the application (andcommunication device) and the communication network can be established.The CM kernel component can facilitate establishing the communicationconnection between the application (and communication device) and thecommunication network to facilitate initiating a communication sessionassociated with the application, wherein the application can use the oneor more desired functional blocks of the set of functional blocks duringthe communication session. The communication connection can be a 3G, 4G,or wi-fi communication connection, for example.

In some implementations, the CM kernel component can provide updateinformation to the communication network (e.g., the base station,another component of the communication network via the base station) tofacilitate notifying the communication network that the communicationdevice is operating in accordance with the enhanced operation condition,in accordance with the defined communication enhancement criteria. Thecommunication network can use this information to facilitateimplementing a desired network operational modification, if any, basedat least in part on the enhanced operation condition employed by thecommunication device, including the respective functional blocks of theset of functional blocks, to facilitate desired operation of thecommunication network, in accordance with the defined communicationenhancement criteria (e.g., in accordance with desired optimizationpractices).

Turning to FIG. 12, illustrated is a flow chart of an example method1200 that can facilitate authenticating an application associated with acommunication device to facilitate controlling access to information andresources in a trusted zone environment of the communication device, inaccordance with various aspects and embodiments described herein. Inaccordance with various aspects, the method 1200 can be employed by, forexample, the CM kernel component of the communication device.

At 1202, authentication information or certification informationrelating to an application can be received from the applicationassociated with the communication device or another entity. Theapplication can be downloaded from an application store or other sourceon to the communication device or can otherwise be associated with thecommunication device for use by the communication device or associateduser. The CM kernel component can receive the authentication informationor the certification information relating to the application from theapplication or another entity, such as the entity (e.g., applicationstore or source) that certified the application.

In some implementations, an application can be certified through anauthorized application store or other authorized entity that isauthorized to certify applications as being trusted with respect to thetrusted zone environment, including the CM kernel component and trustedmemory component. In other implementations, an application also can beself-certifying (e.g., automatically self-certifying), for example, bybeing able to provide information (e.g., authentication information,certification standards information, etc.), to the CM kernel component,that can indicate (e.g., prove) that the application satisfies therequirements for being certified as a trusted or certified application.

At 1204, the authentication information or the certification informationcan be analyzed to generate analysis results. The CM kernel componentcan analyze the authentication information or the certificationinformation submitted by the application or other entity to facilitatedetermining whether the application is authenticated and/or certified tobe a trusted or certified application. For instance, the CM kernelcomponent can analyze the authentication information to facilitatedetermining whether the authentication information is valid, forexample, by matching corresponding authentication information stored ina data store associated with the CM kernel component, and/or whether theauthentication information is sufficient to determine that theapplication is a trusted application, in accordance with the definedcommunication enhancement criteria (e.g., comprising defined trustcriteria). The CM kernel component also can analyze the certificationinformation to facilitate determining whether the certificationinformation is sufficient to satisfy the defined trust criteria fordetermining the application to be a trusted application (e.g.,determining whether the certification information is valid informationand satisfies the set of certification standards relating tocertification of an application as a trusted application).

At 1206, a determination can be made regarding whether the applicationis authenticated or certified as a trusted application based at least inpart on the analysis results. The CM kernel component can determinewhether the application is authenticated or certified as a trustedapplication based at least in part on the analysis results.

At 1208, access to all or a portion of the information stored in thetrusted memory component and/or access to all or a portion of the set offunctional blocks can be granted to the application, in response todetermining that the application is a trusted application. The CM kernelcomponent can grant, to the application, access to all or a portion ofthe information stored in the trusted memory component and/or access toall or a portion of the set of functional blocks, in response todetermining that the application is a trusted application.

FIG. 13 presents a flow chart of an example method 1300 that canfacilitate caching information in a trusted zone environment of acommunication device, in accordance with various aspects and embodimentsdescribed herein. In accordance with various aspects, the method 1300can be employed by, for example, the CM kernel component, comprising acache manager component, and/or a cache component of the communicationdevice.

At 1302, a set of information associated with an application used by thecommunication device can be stored in the cache component. The CM kernelcomponent (e.g., employing the cache manager component) can store theset of information associated with the application in the cachecomponent. The set of information can comprise data relating to theapplication, user, communication network, or other factors or entities.The CM kernel component can receive (e.g., from the application,communication network, user, etc.) or generate information that can beincluded in the set of information prior to or during the execution ofthe method 1300.

The cache component and/or CM kernel component can be embedded at theSOC level (e.g., in a chip set) of the communication device. The cachecomponent and/or CM kernel component also can be located within a securetrusted zone environment of the communication device to facilitatesecuring information, such as the set of information, and securing theoperation and functionality of the components of the communicationdevice that are within the trusted zone environment.

At 1304, a condition(s) relating to processing of the set of informationcan be set. The CM kernel component can specify and set the condition(s)or can receive condition setting information from the application oruser that can facilitate setting or specifying the condition(s) by theCM kernel component. The condition(s) can relate to a network-relatedcondition associated with the communication network, a trafficflow-related condition associated with the traffic flow, a communicationdevice-related condition associated with the communication device, anapplication-related condition associated with the application, auser-related condition associated with the communication device user,and/or another type of condition (e.g., condition(s) relating to a date,an amount or type of data, etc.).

At 1306, the type of processing to be performed on the set ofinformation can be set. The CM kernel component can set the type ofprocessing to be performed on the set of information in response to anoccurrence of the condition(s) relating to the processing of the set ofinformation. The type of processing can be set based at least in part onprocessing-related information received from the application or user, orcan be determined by the CM kernel component.

At 1308, conditions associated with the communication network, trafficflow, communication device, application, user, and/or another type(s) ofcondition can be monitored. The CM kernel component can monitor or trackthe conditions associated with the communication network, traffic flow,communication device, application, user, and/or other type(s) ofcondition.

At 1310, an occurrence of the condition(s) relating to the processing ofthe set of information can be detected. The CM kernel component candetect the occurrence of the condition(s) relating to the processing ofthe set of information.

At 1312, the set of information can be processed, in accordance with thetype of processing to be performed on the set of information, inresponse to the occurrence of the condition(s) relating to theprocessing of the set of information. The CM kernel component canfacilitate processing the set of information based at least in part onthe type of processing to be performed on the set of information, inresponse to detecting the occurrence of the condition(s) relating to theprocessing of the set of information. For example, the type ofprocessing can be to retrieve the set of information from the cachecomponent and transmit the set of information to the application oruser. As another example, the type of processing can be to retrieve theset of information from the cache component, perform one or moreoperations (e.g., evaluations, calculations, compression ordecompression, encryption or decryption, DRM-related operations, etc.)on the set of information to generate processed information, andtransmit the processed information to the application or user.

In order to provide a context for the various aspects of the disclosedsubject matter, FIGS. 14 and 15 as well as the following discussion areintended to provide a brief, general description of a suitableenvironment in which the various aspects of the disclosed subject mattermay be implemented. While the subject matter has been described above inthe general context of computer-executable instructions of a computerprogram that runs on a computer and/or computers, those skilled in theart will recognize that this disclosure also can or may be implementedin combination with other program modules. Generally, program modulesinclude routines, programs, components, data structures, etc. thatperform particular tasks and/or implement particular abstract datatypes. Moreover, those skilled in the art will appreciate that theinventive methods may be practiced with other computer systemconfigurations, including single-processor or multiprocessor computersystems, mini-computing devices, mainframe computers, as well aspersonal computers, hand-held computing devices (e.g., PDA, phone,electronic tablets or pads, etc.), microprocessor-based or programmableconsumer or industrial electronics, and the like. The illustratedaspects may also be practiced in distributed computing environmentswhere tasks are performed by remote processing devices that are linkedthrough a communications network. However, some, if not all aspects ofthis disclosure can be practiced on stand-alone computers. In adistributed computing environment, program modules may be located inboth local and remote memory storage devices.

With reference to FIG. 14, a suitable environment 1400 for implementingvarious aspects of this disclosure includes a computer 1412. Thecomputer 1412 includes a processing unit 1414, a system memory 1416, anda system bus 1418. It is to be appreciated that the computer 1412 can beused in connection with implementing one or more of the systems orcomponents shown and described in connection with FIGS. 1-8, orotherwise described herein. The system bus 1418 couples systemcomponents including, but not limited to, the system memory 1416 to theprocessing unit 1414. The processing unit 1414 can be any of variousavailable processors. Dual microprocessors and other multiprocessorarchitectures also can be employed as the processing unit 1414.

The system bus 1418 can be any of several types of bus structure(s)including the memory bus or memory controller, a peripheral bus orexternal bus, and/or a local bus using any variety of available busarchitectures including, but not limited to, Industrial StandardArchitecture (ISA), Micro-Channel Architecture (MSA), Extended ISA(EISA), Intelligent Drive Electronics (IDE), VESA Local Bus (VLB),Peripheral Component Interconnect (PCI), Card Bus, Universal Serial Bus(USB), Advanced Graphics Port (AGP), Personal Computer Memory CardInternational Association bus (PCMCIA), Firewire (IEEE 1394), and SmallComputer Systems Interface (SCSI).

The system memory 1416 includes volatile memory 1420 and nonvolatilememory 1422. The basic input/output system (BIOS), containing the basicroutines to transfer information between elements within the computer1412, such as during start-up, is stored in nonvolatile memory 1422. Byway of illustration, and not limitation, nonvolatile memory 1422 caninclude read only memory (ROM), programmable ROM (PROM), electricallyprogrammable ROM (EPROM), electrically erasable programmable ROM(EEPROM), flash memory, or nonvolatile random access memory (RAM) (e.g.,ferroelectric RAM (FeRAM)). Volatile memory 1420 includes random accessmemory (RAM), which acts as external cache memory. By way ofillustration and not limitation, RAM is available in many forms such asstatic RAM (SRAM), dynamic RAM (DRAM), synchronous DRAM (SDRAM), doubledata rate SDRAM (DDR SDRAM), enhanced SDRAM (ESDRAM), Synchlink DRAM(SLDRAM), direct Rambus RAM (DRRAM), direct Rambus dynamic RAM (DRDRAM),and Rambus dynamic RAM.

Computer 1412 also includes removable/non-removable,volatile/non-volatile computer storage media. FIG. 14 illustrates, forexample, a disk storage 1424. Disk storage 1424 includes, but is notlimited to, devices like a magnetic disk drive, floppy disk drive, tapedrive, Jaz drive, Zip drive, LS-100 drive, flash memory card, or memorystick. The disk storage 1424 also can include storage media separatelyor in combination with other storage media including, but not limitedto, an optical disk drive such as a compact disk ROM device (CD-ROM), CDrecordable drive (CD-R Drive), CD rewritable drive (CD-RW Drive) or adigital versatile disk ROM drive (DVD-ROM). To facilitate connection ofthe disk storage devices 1424 to the system bus 1418, a removable ornon-removable interface is typically used, such as interface 1426.

FIG. 14 also depicts software that acts as an intermediary between usersand the basic computer resources described in the suitable operatingenvironment 1400. Such software includes, for example, an operatingsystem 1428. Operating system 1428, which can be stored on disk storage1424, acts to control and allocate resources of the computer system1412. System applications 1430 take advantage of the management ofresources by operating system 1428 through program modules 1432 andprogram data 1434 stored, e.g., in system memory 1416 or on disk storage1424. It is to be appreciated that this disclosure can be implementedwith various operating systems or combinations of operating systems.

A user enters commands or information into the computer 1412 throughinput device(s) 1436. Input devices 1436 include, but are not limitedto, a pointing device such as a mouse, trackball, stylus, touch pad,keyboard, microphone, joystick, game pad, satellite dish, scanner, TVtuner card, digital camera, digital video camera, web camera, and thelike. These and other input devices connect to the processing unit 1414through the system bus 1418 via interface port(s) 1438. Interfaceport(s) 1438 include, for example, a serial port, a parallel port, agame port, and a universal serial bus (USB). Output device(s) 1440 usesome of the same type of ports as input device(s) 1436. Thus, forexample, a USB port may be used to provide input to computer 1412, andto output information from computer 1412 to an output device 1440.Output adapter 1442 is provided to illustrate that there are some outputdevices 1440 like monitors, speakers, and printers, among other outputdevices 1440, which require special adapters. The output adapters 1442include, by way of illustration and not limitation, video and soundcards that provide a means of connection between the output device 1440and the system bus 1418. It should be noted that other devices and/orsystems of devices provide both input and output capabilities such asremote computer(s) 1444.

Computer 1412 can operate in a networked environment using logicalconnections to one or more remote computers, such as remote computer(s)1444. The remote computer(s) 1444 can be a personal computer, a server,a router, a network PC, a workstation, a microprocessor based appliance,a peer device or other common network node and the like, and typicallyincludes many or all of the elements described relative to computer1412. For purposes of brevity, only a memory storage device 1446 isillustrated with remote computer(s) 1444. Remote computer(s) 1444 islogically connected to computer 1412 through a network interface 1448and then physically connected via communication connection 1450. Networkinterface 1448 encompasses wire and/or wireless communication networkssuch as local-area networks (LAN), wide-area networks (WAN), cellularnetworks, etc. LAN technologies include Fiber Distributed Data Interface(FDDI), Copper Distributed Data Interface (CDDI), Ethernet, Token Ringand the like. WAN technologies include, but are not limited to,point-to-point links, circuit switching networks like IntegratedServices Digital Networks (ISDN) and variations thereon, packetswitching networks, and Digital Subscriber Lines (DSL).

Communication connection(s) 1450 refers to the hardware/softwareemployed to connect the network interface 1448 to the bus 1418. Whilecommunication connection 1450 is shown for illustrative clarity insidecomputer 1412, it can also be external to computer 1412. Thehardware/software necessary for connection to the network interface 1448includes, for exemplary purposes only, internal and externaltechnologies such as, modems including regular telephone grade modems,cable modems and DSL modems, ISDN adapters, and Ethernet cards.

FIG. 15 is a schematic block diagram of a sample-computing environment1500 (e.g., computing system) with which the subject matter of thisdisclosure can interact. The system 1500 includes one or more client(s)1510. The client(s) 1510 can be hardware and/or software (e.g., threads,processes, computing devices). The system 1500 also includes one or moreserver(s) 1530. Thus, system 1500 can correspond to a two-tier clientserver model or a multi-tier model (e.g., client, middle tier server,data server), amongst other models. The server(s) 1530 can also behardware and/or software (e.g., threads, processes, computing devices).The servers 1530 can house threads to perform transformations byemploying this disclosure, for example. One possible communicationbetween a client 1510 and a server 1530 may be in the form of a datapacket transmitted between two or more computer processes.

The system 1500 includes a communication framework 1550 that can beemployed to facilitate communications between the client(s) 1510 and theserver(s) 1530. The client(s) 1510 are operatively connected to one ormore client data store(s) 1520 that can be employed to store informationlocal to the client(s) 1510. Similarly, the server(s) 1530 areoperatively connected to one or more server data store(s) 1540 that canbe employed to store information local to the servers 1530.

It is to be noted that aspects, features, and/or advantages of thedisclosed subject matter can be exploited in substantially any wirelesstelecommunication or radio technology, e.g., wi-fi; bluetooth; worldwideinteroperability for microwave access (WiMAX); enhanced general packetradio service (enhanced GPRS); third generation partnership project(3GPP) long term evolution (LTE); third generation partnership project 2(3GPP2) ultra mobile broadband (UMB); 3GPP universal mobiletelecommunication system (UMTS); high speed packet access (HSPA); highspeed downlink packet access (HSDPA); high speed uplink packet access(HSUPA); GSM (global system for mobile communications) EDGE (enhanceddata rates for GSM evolution) radio access network (GERAN); UMTSterrestrial radio access network (UTRAN); LTE advanced (LTE-A); etc.Additionally, some or all of the aspects described herein can beexploited in legacy telecommunication technologies, e.g., GSM. Inaddition, mobile as well non-mobile networks (e.g., the internet, dataservice network such as internet protocol television (IPTV), etc.) canexploit aspects or features described herein.

Various aspects or features described herein can be implemented as amethod, apparatus, system, or article of manufacture using standardprogramming or engineering techniques. In addition, various aspects orfeatures disclosed in the subject specification can also be realizedthrough program modules that implement at least one or more of themethods disclosed herein, the program modules being stored in a memoryand executed by at least a processor. Other combinations of hardware andsoftware or hardware and firmware can enable or implement aspectsdescribed herein, including disclosed method(s). The term “article ofmanufacture” as used herein is intended to encompass a computer programaccessible from any computer-readable device, carrier, or storage media.For example, computer-readable storage media can include but are notlimited to magnetic storage devices (e.g., hard disk, floppy disk,magnetic strips, etc.), optical discs (e.g., compact disc (CD), digitalversatile disc (DVD), blu-ray disc (BD), etc.), smart cards, and memorydevices comprising volatile memory and/or non-volatile memory (e.g.,flash memory devices, such as, for example, card, stick, key drive,etc.), or the like. In accordance with various implementations,computer-readable storage media can be non-transitory computer-readablestorage media and/or a computer-readable storage device can comprisecomputer-readable storage media.

As it is employed in the subject specification, the term “processor” canrefer to substantially any computing processing unit or devicecomprising, but not limited to, single-core processors;single-processors with software multithread execution capability;multi-core processors; multi-core processors with software multithreadexecution capability; multi-core processors with hardware multithreadtechnology; parallel platforms; and parallel platforms with distributedshared memory. A processor can be or can comprise, for example, multipleprocessors that can include distributed processors or parallelprocessors in a single machine or multiple machines. Additionally, aprocessor can comprise or refer to an integrated circuit, an applicationspecific integrated circuit (ASIC), a digital signal processor (DSP), aprogrammable gate array (PGA), a field PGA (FPGA), a programmable logiccontroller (PLC), a complex programmable logic device (CPLD), a statemachine, a discrete gate or transistor logic, discrete hardwarecomponents, or any combination thereof designed to perform the functionsdescribed herein. Further, processors can exploit nano-scalearchitectures such as, but not limited to, molecular and quantum-dotbased transistors, switches and gates, in order to optimize space usageor enhance performance of user equipment. A processor may also beimplemented as a combination of computing processing units.

A processor can facilitate performing various types of operations, forexample, by executing computer-executable instructions. When a processorexecutes instructions to perform operations, this can include theprocessor performing (e.g., directly performing) the operations and/orthe processor indirectly performing operations, for example, byfacilitating (e.g., facilitating operation of), directing, controlling,or cooperating with one or more other devices or components to performthe operations. In some implementations, a memory can storecomputer-executable instructions, and a processor can be communicativelycoupled to the memory, wherein the processor can access or retrievecomputer-executable instructions from the memory and can facilitateexecution of the computer-executable instructions to perform operations.

In certain implementations, a processor can be or can comprise one ormore processors that can be utilized in supporting a virtualizedcomputing environment or virtualized processing environment. Thevirtualized computing environment may support one or more virtualmachines representing computers, servers, or other computing devices. Insuch virtualized virtual machines, components such as processors andstorage devices may be virtualized or logically represented.

In the subject specification, terms such as “store,” “storage,” “datastore,” data storage,” “database,” and substantially any otherinformation storage component relevant to operation and functionality ofa component are utilized to refer to “memory components,” entitiesembodied in a “memory,” or components comprising a memory. It is to beappreciated that memory and/or memory components described herein can beeither volatile memory or nonvolatile memory, or can include bothvolatile and nonvolatile memory.

By way of illustration, and not limitation, nonvolatile memory caninclude read only memory (ROM), programmable ROM (PROM), electricallyprogrammable ROM (EPROM), electrically erasable ROM (EEPROM), or flashmemory. Volatile memory can include random access memory (RAM), whichacts as external cache memory. By way of illustration and notlimitation, RAM is available in many forms such as synchronous RAM(SRAM), dynamic RAM (DRAM), synchronous DRAM (SDRAM), double data rateSDRAM (DDR SDRAM), enhanced SDRAM (ESDRAM), Synchlink DRAM (SLDRAM), anddirect Rambus RAM (DRRAM). Additionally, the disclosed memory componentsof systems or methods herein are intended to comprise, without beinglimited to comprising, these and any other suitable types of memory.

As used in this application, the terms “component”, “system”,“platform”, “framework”, “layer”, “interface”, “agent”, and the like,can refer to and/or can include a computer-related entity or an entityrelated to an operational machine with one or more specificfunctionalities. The entities disclosed herein can be either hardware, acombination of hardware and software, software, or software inexecution. For example, a component may be, but is not limited to being,a process running on a processor, a processor, an object, an executable,a thread of execution, a program, and/or a computer. By way ofillustration, both an application running on a server and the server canbe a component. One or more components may reside within a processand/or thread of execution and a component may be localized on onecomputer and/or distributed between two or more computers.

In another example, respective components can execute from variouscomputer readable media having various data structures stored thereon.The components may communicate via local and/or remote processes such asin accordance with a signal having one or more data packets (e.g., datafrom one component interacting with another component in a local system,distributed system, and/or across a network such as the Internet withother systems via the signal). As another example, a component can be anapparatus with specific functionality provided by mechanical partsoperated by electric or electronic circuitry, which is operated by asoftware or firmware application executed by a processor. In such acase, the processor can be internal or external to the apparatus and canexecute at least a part of the software or firmware application. As yetanother example, a component can be an apparatus that provides specificfunctionality through electronic components without mechanical parts,wherein the electronic components can include a processor or other meansto execute software or firmware that confers at least in part thefunctionality of the electronic components. In an aspect, a componentcan emulate an electronic component via a virtual machine, e.g., withina cloud computing system.

In addition, the term “or” is intended to mean an inclusive “or” ratherthan an exclusive “or.” That is, unless specified otherwise, or clearfrom context, “X employs A or B” is intended to mean any of the naturalinclusive permutations. That is, if X employs A; X employs B; or Xemploys both A and B, then “X employs A or B” is satisfied under any ofthe foregoing instances. Moreover, articles “a” and “an” as used in thesubject specification and annexed drawings should generally be construedto mean “one or more” unless specified otherwise or clear from contextto be directed to a singular form.

Moreover, terms like “user equipment” (UE), “mobile station,” “mobile,”“wireless device,” “wireless communication device,” “subscriberstation,” “subscriber equipment,” “access terminal,” “terminal,”“handset,” and similar terminology are used herein to refer to awireless device utilized by a subscriber or user of a wirelesscommunication service to receive or convey data, control, voice, video,sound, gaming, or substantially any data-stream or signaling-stream. Theforegoing terms are utilized interchangeably in the subjectspecification and related drawings. Likewise, the terms “access point”(AP), “base station,” “node B,” “evolved node B” (eNode B or eNB), “homenode B” (HNB), “home access point” (HAP), and the like are utilizedinterchangeably in the subject application, and refer to a wirelessnetwork component or appliance that serves and receives data, control,voice, video, sound, gaming, or substantially any data-stream orsignaling-stream from a set of subscriber stations. Data and signalingstreams can be packetized or frame-based flows.

Furthermore, the terms “user,” “subscriber,” “customer,” “consumer,”“owner,” “agent,” and the like are employed interchangeably throughoutthe subject specification, unless context warrants particulardistinction(s) among the terms. It should be appreciated that such termscan refer to human entities or automated components supported throughartificial intelligence (e.g., a capacity to make inference based oncomplex mathematical formalisms), which can provide simulated vision,sound recognition and so forth.

As used herein, the terms “example,” “exemplary,” and/or “demonstrative”are utilized to mean serving as an example, instance, or illustration.For the avoidance of doubt, the subject matter disclosed herein is notlimited by such examples. In addition, any aspect or design describedherein as an “example,” “exemplary,” and/or “demonstrative” is notnecessarily to be construed as preferred or advantageous over otheraspects or designs, nor is it meant to preclude equivalent exemplarystructures and techniques known to those of ordinary skill in the art.Furthermore, to the extent that the terms “includes,” “has,” “contains,”and other similar words are used in either the detailed description orthe claims, such terms are intended to be inclusive, in a manner similarto the term “comprising” as an open transition word, without precludingany additional or other elements.

It is to be appreciated and understood that components (e.g.,communication device, UE, AP, communication network, application, CMkernel component, connection manager component, kernel component,resource manager component, cache manager component, cache component,functional block, processor component, data store, etc.), as describedwith regard to a particular system or method, can include the same orsimilar functionality as respective components (e.g., respectively namedcomponents or similarly named components) as described with regard toother systems or methods disclosed herein.

What has been described above includes examples of systems and methodsthat provide advantages of the disclosed subject matter. It is, ofcourse, not possible to describe every conceivable combination ofcomponents or methods for purposes of describing the disclosed subjectmatter, but one of ordinary skill in the art may recognize that manyfurther combinations and permutations of the disclosed subject matterare possible. Furthermore, to the extent that the terms “includes,”“has,” “possesses,” and the like are used in the detailed description,claims, appendices and drawings such terms are intended to be inclusivein a manner similar to the term “comprising” as “comprising” isinterpreted when employed as a transitional word in a claim.

What is claimed is:
 1. A method, comprising: storing, by a systemcomprising a processor, information relating to a communication networkand a traffic flow in a trusted memory of a communication device;controlling, by the system, access to the information stored in thetrusted memory and access to functional blocks of the communicationdevice by an application associated with the communication device, basedon whether the application is a trusted application, in accordance witha defined communication enhancement criterion, wherein the trustedmemory and the functional blocks are in a trusted zone of thecommunication device that is associated with a defined trust level thatis a higher trust level than another defined trust level associated withanother zone of the communication device that comprises another memory,wherein the functional blocks are embedded in a system-on-chip componentto facilitate resource control and security of the functional blockswithin the system-on-chip component, and wherein access to a controllayer of the system-on-chip component facilitates the controlling of theaccess to the functional blocks by the application; and in response todetermining the application is the trusted application, analyzing, bythe system, the information relating to the communication network andthe traffic flow associated with the communication device to facilitatedetermining a functional block of the functional blocks that is to beutilized by the application based on a result of the analyzing relatingto a level of network congestion of the communication network and anamount of the traffic flow associated with the communication device. 2.The method of claim 1, further comprising: receiving, by the system,authentication information in connection with the application; anddetermining, by the system, whether the application is the trustedapplication based on the authentication information.
 3. The method ofclaim 1, further comprising: monitoring, by the system, a firstcondition relating to the communication network and a second conditionrelating to the traffic flow; receiving, by the system, data associatedwith the first condition relating to the communication network and thesecond condition relating to the traffic flow; and analyzing, by thesystem, the data associated with the first condition relating to thecommunication network and the second condition relating to the trafficflow.
 4. The method of claim 3, further comprising: determining, by thesystem, whether to use the functional block of the functional blocks inconnection with the application, based on a first result of theanalyzing of the data and a second result of determining whether theapplication is the trusted application; and determining, by the system,an operational state of the functional block to utilize in connectionwith the application, based on a third result of the determining whetherto use the functional block.
 5. The method of claim 3, furthercomprising: presenting, by the system, the data to the application,wherein the application is determined to be the trusted application tofacilitate analysis of the data by the application; and presenting, bythe system, resource information relating to the functional blocks tothe application to facilitate analysis of the resource information bythe application.
 6. The method of claim 5, further comprising:receiving, by the system, selection information from the application,wherein the selection information facilitates operating thecommunication device in accordance with an enhanced operation conditionthat satisfies a defined communication enhancement criterion relating tooperation of the communication device; initializing, by the system, afunctional block of the functional blocks, based on the selectioninformation, in accordance with the defined communication enhancementcriterion; and establishing, by the system, a communication connectionbetween the application and a network device of the communicationnetwork to facilitate communicating traffic based on operation of thefunctional block.
 7. The method of claim 6, further comprising:presenting, by the system, operational information relating to theenhanced operation condition to the network device to facilitatenotifying the network device that the communication device is operatingin accordance with the enhanced operation condition to facilitate amodification of a network operational parameter in response to theenhanced operation condition.
 8. The method of claim 1, furthercomprising: storing, by the system, data associated with the applicationin a cache memory in the trusted zone of the communication device;setting, by the system, a processing condition relating to processing ofthe data; and setting, by the system, a type of processing to beperformed on the data.
 9. The method of claim 8, further comprising:monitoring, by the system, condition-related information relating to theprocessing condition; and detecting, by the system, an occurrence of theprocessing condition based on the condition-related information.
 10. Themethod of claim 9, further comprising: retrieving, by the system, thedata from the cache memory; processing, by the system, the data togenerate processed data, based on the type of processing; andpresenting, by the system, the processed data to the application.
 11. Asystem, comprising: a processor; and a memory that stores executableinstructions that, when executed by the processor, facilitateperformance of operations, comprising: storing data relating to acommunication network and a traffic flow in a trusted memory of userequipment; and controlling access to the data stored in the trustedmemory and access to a resources of the user equipment by an applicationassociated with the user equipment, based on whether the application isa trusted application, in accordance with a defined communicationenhancement criterion relating to a defined trust level associated withthe trusted memory, wherein the defined trust level facilitatesindicating whether the application is sufficiently trusted to permit theapplication to access the trusted memory and the resources, wherein theresources are located at a system-on-chip level to facilitate resourcecontrol and security of the resources at the system-on-chip level, andwherein access to a control layer at the system-on-chip levelfacilitates the controlling of the access to the resources; and inresponse to determining the application is the trusted application,analyzing the data relating to the communication network and the trafficflow associated with the user equipment to facilitate determining aresource of the resources to be utilized by the application based on aresult of the analyzing relating to network congestion of thecommunication network and the traffic flow associated with the userequipment.
 12. The system of claim 11, wherein the operations furthercomprise: receiving an authentication credential in connection with theapplication; and determining whether the application is the trustedapplication based on the authentication credential, wherein the trustedmemory and the resources are in a trusted zone of the user equipmentthat is associated with the defined trust level that is a higher trustlevel than another defined trust level associated with another zone ofthe user equipment that comprises another memory.
 13. The system ofclaim 11, wherein the operations further comprise: monitoring acondition relating to the communication network and another conditionrelating to the traffic flow; receiving the data associated with thecondition relating to the communication network and the other conditionrelating to the traffic flow; and analyzing the data associated with thecondition relating to the communication network and the other conditionrelating to the traffic flow to generate an analysis result.
 14. Thesystem of claim 13, wherein the resources comprises functional blocks,and wherein the operations further comprise: determining whether to usea functional block of the functional blocks in connection with theapplication, based on the analysis result and a second result of adetermination of whether the application is the trusted application; anddetermining an operational mode of the functional block to utilize inconnection with the application based on the analysis result thatindicates a level of the network congestion of the communication networkand an amount of the traffic flow associated with the user equipment, inresponse to determining the functional block is to be used in connectionwith the application.
 15. The system of claim 13, wherein the resourcescomprises functional blocks, and wherein the operations furthercomprise: exposing, via a first interface, the data to the application,wherein the application is determined to be the trusted application tofacilitate analysis of the data by the application; and exposing, via asecond interface, resource information relating to the functional blocksto the application to facilitate analysis of the resource information bythe application.
 16. The system of claim 15, wherein the operationsfurther comprise: receiving selection information from the application,wherein the selection information facilitates operation of the userequipment in accordance with an enhanced operation condition thatsatisfies a defined communication enhancement criterion relating tooperation of the user equipment; setting an operational parameter of afunctional block of the set of functional blocks, based on the selectioninformation, in accordance with the defined communication enhancementcriterion; and establishing a communication connection between theapplication and a network device of the communication network tofacilitate communication of traffic based on operation of the functionalblock.
 17. The system of claim 11, wherein the operations furthercomprise: storing data associated with the application in a cache memoryin the trusted zone of the user equipment; and setting a processingcondition and a type of processing in connection with processing thedata.
 18. The system of claim 17, wherein the operations furthercomprise: sensing the processing condition has occurred; retrieving thedata from the cache memory; and processing the data to generateprocessed data, based on the type of processing; and communicating theprocessed data to the application.
 19. A computer-readable storagedevice storing executable instructions that, in response to execution,cause a system including a processor to perform operations, comprising:storing data relating to a communication network and a traffic flow in atrusted memory of a communication device; controlling access to the datastored in the trusted memory and access to a set of resources of thecommunication device by an application associated with the communicationdevice, based on whether the application is a trusted application, inaccordance with a defined communication enhancement criterion, whereinthe trusted memory and the set of resources are in a trusted zone of thecommunication device that is associated with a defined trust level thatis a higher trust level than another defined trust level associated withanother zone of the communication device that comprises another memory,wherein the set of resources are embedded in a system-on-chip componentto facilitate security of the set of resources in the system-on-chipcomponent, and wherein access to a control layer of the system-on-chipcomponent facilitates the controlling of the access to the set ofresources; and in response to determining the application is the trustedapplication, analyzing the data relating to the communication networkand the traffic flow associated with the communication device tofacilitate determining a resource of the set of resources that is to beutilized by the application based on a result of the analyzing thatrelates to a level of congestion of the communication network and anamount of the traffic flow associated with the communication device. 20.The computer-readable storage device of claim 19, wherein the operationsfurther comprise: receiving certification-related information inconnection with the application; and determining whether the applicationis the trusted application based on the certification-relatedinformation.